From Cointelegraph

June 19, 2025 11:38 PM:

A North Korean-aligned hacking group is targeting job seekers in the crypto industry with new malware called “PylangGhost” designed to steal passwords for crypto wallets and managers. The group, known as “Famous Chollima,” lures victims through fake job sites and interviews, compromising their devices and stealing sensitive information.

The malware, a variant of GolangGhost RAT, can remotely control infected systems and steal credentials from over 80 browser extensions, including popular crypto wallets like MetaMask and TronLink. It executes multiple commands, such as taking screenshots, managing files, and maintaining remote access, posing a significant threat to individuals with crypto experience.

North Korean hackers have previously used fake job lures to target victims, with recent incidents involving fake job interviews infected with malware. This tactic is not new, as hackers continue to exploit job seekers in the crypto industry to steal sensitive information and compromise devices. Stay vigilant against these malicious threats.

Read more at Cointelegraph: North Korea Targets Crypto Jobs With New Malware