North Korean Hacking Groups Employ New Methods to Target Web3 Companies

13 hours ago

Hacker groups from North Korea are increasingly adopting new methods to target Web3 companies and exploit their vulnerabilities to gain access to their systems. One of these, identified as NimDoor, is focused on infecting Apple systems due to their high popularity.

According to The Hacker News, the attack uses social engineering to approach targets and set up meetings using video conferencing software like Zoom. The invite for the Zoom call contains a link to a program that, as far as the user can tell, updates the Zoom software to its latest version.

However, in reality, the software delivers a script that allows attackers to gather system information and run arbitrary code, opening the infected system to remote management.

Investigators highlighted that this shows how North Korean hackers are weaponizing Apple systems’ capabilities to complete their attacks.

SentinelOne researchers Phil Stokes and Raffaele Sabato stated:

Nim’s rather unique ability to execute functions during compile time allows attackers to blend complex behaviour into a binary with less obvious control flow, resulting in compiled binaries in which developer code and Nim runtime code are intermingled even at the function level.

In addition, North Korean groups are also using email-focused methods, in a campaign that researchers have called BabyShark. The method involves delivering bogus documents that are socially engineered so that the user feels the urge to open them.

The documents have been reported to pose as interview requests from real newspapers, data requests from intelligence officers about visits to other countries, and diplomatic papers.

The situation gets even more dangerous when operatives from these groups infiltrate the targeted organizations, as has been documented in the past. According to blockchain security expert ZachXBT, over $16 million has been paid to these operatives posing as developers in these companies since the start of 2025.
