<ul data-eligibleForWebStory="false"><li>North Korean hackers are using a new NimDoor malware to target Macs, posing as trusted contacts on apps like Telegram to trick victims into installing the backdoor via fake Zoom updates.</li><li>NimDoor's rare Nim code and AppleScript backdoors enable the malware to evade detection, target Mac, Windows, and Linux systems, and bypass Apple's memory protections for deep access.</li><li>The malware, once installed, steals crypto wallet data, browser logins, Telegram keys, and runs keyloggers and infostealers to exfiltrate data while avoiding detection.</li><li>The attackers are using a sophisticated social engineering campaign to target crypto firms, with the malware intricately designed to exploit vulnerabilities in Apple's defense systems.</li></ul>

North Korean Hackers Exploit Unusual “NimDoor” Malware to Breach Macs

Discover more