INSUBCONTINENT EXCLUSIVE:
A North Korean-aligned threat actor has been targeting job seekers in the crypto industry with new malware that is designed to steal
passwords for crypto wallets and password managers.Cisco Talos reported on Wednesday that it found a new Python-based remote access trojan
sites and tests a cover for malwareThe attackers create fraudulent job sites that impersonate legitimate companies, such as Coinbase,
invites to skill-testing websites where the information gathering occurs.Sample of fake job website
Source: Cisco TalosNext, the victims are lured into enabling video and camera access for fake interviews during which they are tricked into
copying and executing malicious commands under the pretense of installing updated video drivers, resulting in the compromise of their
functionality, Cisco Talos said.Upon execution, the commands enable remote control of the infected system and the theft of cookies and
managing files, stealing browser data, collecting system information and maintaining remote access to infected systems.Related: Scammers use
when his Bitcoin predictions are totally wrong
