According to Foresight News, the North Korean Lazarus Group has recently been discovered conducting large-scale Advanced Persistent Threat (APT) attacks targeting the cryptocurrency industry. The group's attack method involves identity disguise, passing real-person authentication to deceive auditors and become genuine customers, and then making real deposits. Under the cover of this customer identity, the attackers communicate with multiple officials and customers, and then deliver customized Mac or Windows Trojans to the targeted officials. After gaining access, they move laterally within the network, remaining undetected for a long period to achieve their goal of stealing funds.

SlowMist, in collaboration with its partners, has identified the domain names and Trojan samples used by the attackers. Those in need of assistance can contact SlowMist's official email at team@slowmist.com.