North Korean hackers use fake Zoom update to spread macOS malware 'NimDoor' targeting crypto firms

2025/07/03 17:57

PANews reported on July 3 that, according to The Block, cybersecurity company SentinelLabs recently discovered North Korean hacker groups using a new macOS backdoor, "NimDoor," to attack cryptocurrency companies. The malware spreads through fake Zoom update packages and can steal browser passwords, Telegram data, and encrypted wallet files. The attacker first contacts the target on Telegram, arranges a meeting through Calendly, and then induces the victim to download the infected "Zoom update." The backdoor is written in Nim, a rarely used programming language, and can bypass Apple's security detection. Once installed, it automatically creates a login item so that it keeps running and downloads subsequent attack modules. Security experts recommend that cryptocurrency companies take three protective measures: block unsigned installation packages, download updates only from the zoom.us domain, and review their Telegram contact lists.
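The second recommendation, downloading updates only from zoom.us, means checking the parsed hostname of a link rather than looking for the string "zoom.us" somewhere in it. The Python check below is an added example, not code from SentinelLabs or the article; the function names, the subdomain policy and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

ALLOWED_DOMAIN = "zoom.us"  # the only domain the article says to trust


def is_trusted_zoom_url(url, allow_subdomains=True):
    """True only for https URLs whose parsed host is zoom.us.

    allow_subdomains is an assumption of this example; set it to False
    to accept the bare domain only.
    """
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lowercased, without userinfo or port
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return False
    if parts.scheme != "https" or not host:
        return False
    if parts.username is not None or parts.password is not None:
        return False  # "https://zoom.us@other-host/..." style links
    host = host.rstrip(".")  # a fully qualified name may end in a dot
    try:
        host = host.encode("idna").decode("ascii")  # homoglyphs become xn--
    except UnicodeError:
        return False
    if host == ALLOWED_DOMAIN:
        return True
    return allow_subdomains and host.endswith("." + ALLOWED_DOMAIN)


# Constructed sample links (hypothetical, not taken from the report).
SAMPLES = [
    "https://zoom.us/download",
    "https://zoom.us.updates.example/Zoom.pkg",    # zoom.us is only a prefix
    "https://zoom.us@downloads.example/Zoom.pkg",  # zoom.us is userinfo
    "https://notzoom.us/Zoom.pkg",                 # suffix without a dot
    "http://zoom.us/download",                     # not https
]


def triage(urls):
    """Map each link to True (allow) or False (block)."""
    return {u: is_trusted_zoom_url(u) for u in urls}


if __name__ == "__main__":
    for url, ok in triage(SAMPLES).items():
        print("ALLOW" if ok else "BLOCK", url)
```
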
