Lazarus Group Deploys New Malware Targeting Crypto Firms in $577M Heist

Release Time: 2026-05-26 04:31:02
BTCCSquare news:

North Korea's Lazarus Group has resurfaced with a sophisticated cyberattack campaign targeting financial institutions and cryptocurrency firms. Cybersecurity researchers identified a new fileless malware strain called 'RemotePE' in September 2025, which operates entirely in memory to evade detection. The group's latest operation has been linked to $577 million in crypto thefts during 2026.

The attack chain begins with carefully crafted social engineering tactics. Lazarus operatives pose as investment firm representatives on Telegram, initiating contact through seemingly legitimate meeting requests via scheduling platforms like Calendly and Picktime. This human-centric approach significantly increases infection rates compared to traditional malware distribution methods.

Technically, the attack is multi-stage and begins with the deployment of a DPAPILoader DLL. Because the malware operates only in memory, it leaves minimal forensic evidence on compromised systems, which makes it particularly dangerous. Security analysts note that this represents an evolution of previous Lazarus tactics, now incorporating more advanced obfuscation techniques.
