‘KandyKorn’ macOS Malware Lures Crypto Engineers

North Korean hacking group, Lazarus, has developed a macOS malware named ‘KandyKorn’ that targets blockchain engineers linked with cryptocurrency exchanges. The malware, masked as a cryptocurrency arbitrage bot through a Python application, has capabilities to detect, access, and steal data, including cryptocurrency services. According to Elastic Security Labs, KandyKorn has caused a series of private key thefts from cryptocurrency exchanges, helping fund the North Korean regime.