Lazarus Group uses KandyKorn macOS malware for crypto theft

KandyKorn, a sophisticated malware designed for data extraction and secure deletion, is linked to North Korean hacking group Lazarus. Distributed via phishing emails, KandyKorn primarily targets macOS devices of unsuspecting cryptocurrency users and blockchain engineers. Once infiltrated, it can steal a wide range of data from cryptocurrency wallet addresses to private keys and transaction history, making the malware a major threat to the cryptocurrency community.