A new North Korean cyberattack campaign, Contagious Interview, is targeting macOS cryptocurrency developers using RustDoor and Koi Stealer malware.
🔹 Attackers pose as recruiters to trick job-seeking developers into downloading malware.
🔹 RustDoor steals data and maintains remote access, masquerading as software updates.
🔹 Koi Stealer, a newly discovered macOS malware, steals crypto wallets, passwords, SSH files, and browser data.
🔹 Malware uses AppleScript to disable system notifications, staying undetected.
🔹 Researchers link the attacks to BlueNoroff (a Lazarus Group subgroup), which has a history of financial and crypto-related cybercrime.
🔹 Attackers pose as recruiters to trick job-seeking developers into downloading malware.
🔹 RustDoor steals data and maintains remote access, masquerading as software updates.
🔹 Koi Stealer, a newly discovered macOS malware, steals crypto wallets, passwords, SSH files, and browser data.
🔹 Malware uses AppleScript to disable system notifications, staying undetected.
🔹 Researchers link the attacks to BlueNoroff (a Lazarus Group subgroup), which has a history of financial and crypto-related cybercrime.
![[Image: Frame-12545364.png]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fi.postimg.cc%2FrFw1BvnR%2FFrame-12545364.png)