A new North Korean cyberattack campaign, Contagious Interview, is targeting macOS cryptocurrency developers using RustDoor and Koi Stealer malware.
🔹 Attackers pose as recruiters to trick job-seeking developers into downloading malware.
🔹 RustDoor steals data and maintains remote access, masquerading as software updates.
🔹 Koi Stealer, a newly discovered macOS malware, steals crypto wallets, passwords, SSH files, and browser data.
🔹 Malware uses AppleScript to disable system notifications, staying undetected.
🔹 Researchers link the attacks to BlueNoroff (a Lazarus Group subgroup), which has a history of financial and crypto-related cybercrime.
🔹 Attackers pose as recruiters to trick job-seeking developers into downloading malware.
🔹 RustDoor steals data and maintains remote access, masquerading as software updates.
🔹 Koi Stealer, a newly discovered macOS malware, steals crypto wallets, passwords, SSH files, and browser data.
🔹 Malware uses AppleScript to disable system notifications, staying undetected.
🔹 Researchers link the attacks to BlueNoroff (a Lazarus Group subgroup), which has a history of financial and crypto-related cybercrime.
![[Image: MxgnhgZ.gif]](https://i.imgur.com/MxgnhgZ.gif)