See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Independence Day
Donald Trump
Taxes
Republican Party
Social Media
Artificial Intelligence
WWE
Boxing
NBA
Instagram
Education
Property
Published loading...Updated

NimDoor Crypto-Theft macOS Malware Revives Itself when Killed

Summary by BleepingComputer
North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations.

12 Articles

All
Left
Center
2
Right
AppleInsiderAppleInsider
Reposted by
machash.commachash.com
Center

North Korean hackers use Mac malware to target crypto firms

North Korean hackers are using sophisticated Mac malware delivered through fake Zoom invites to break into Web3 and crypto firms, stealing sensitive data while evading standard security measures.

Read Full Article
BleepingComputerBleepingComputer
Center

NimDoor crypto-theft macOS malware revives itself when killed

North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations.

Read Full Article
bitdegree.orgbitdegree.org

NimDoor Malware Slips into Macs via Fake Video Meetings

Sentinel Labs has discovered a hacking campaign that uses fake video meetings and disguised software updates to plant malware on Apple computers.

Read Full Article
NDTV Gadgets 360NDTV Gadgets 360

North Korean Hackers Use Unique macOS Malware to Target Crypto Platforms

North Korean hackers are reportedly deploying NimDoor malware against Mac computers in Web3 and crypto companies. The threat actors rely on bash scripts to exfiltrate sensitive data, including browser information, iCloud Keychain credentials, and Telegram user data. Like other attacks linked to DPRK threat actors, these also leverage social engineering via chat platforms and malicious scripts or updates to compromise target computers.

Read Full Article
The Hacker NewsThe Hacker News

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol,"

Read Full Article
MacworldMacworld

High-tech Mac malware hides itself in fake Zoom update

Macworld SentinelLabs has posted a report about a new malware that targets Mac users of blockchain technologies, such as crypto. The threat agents behind the attack are based in North Korea, according to research by Huntabil.IT, as cited by SentinelLabs. The attack involves executable scripts written in AppleScript, C++, and Nim. Targeted users are sent a meeting invitation via Calendly, a cloud-based B2B scheduling service. The contact is made…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

crypto.news broke the news in on Tuesday, July 1, 2025.
Sources are mostly out of (0)

Similar News Topics

Apple icon

Apple

Department of Justice icon

Department of Justice

Zoom icon

Zoom

Cryptocurrency icon

Cryptocurrency

North Korea icon

North Korea

News
For You
SearchBlindspotLocal