SECURITYTHE HACKER NEWS
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
The Lazarus Group, linked to North Korea, has deployed a memory-only malware called RemotePE in multi-stage attacks targeting financial and cryptocurrency organizations. The attack chain involves two loaders, DPAPILoader and RemotePELoader, as analyzed by NCC Group subsidiary Fox-IT.
Mentioned
Related Signal
Adjacent reporting
- Lazarus-linked macOS malware hits crypto and fintech firms
- Lazarus Group Malware Targets Crypto, Business Execs via macOS
- Lazarus-linked macOS malware hits crypto and fintech firms
- ‘TrapDoor’ malware targets crypto dev tools in supply chain attack
- Telegram Mini Apps abused for crypto scams, Android malware delivery
- Bank Trojan 'Casbaneiro' Worms Through Latin America