North Korean Hackers Target Crypto Workers with ’PylangGhost’ Malware via Fake Job Sites

BTCC / BTCC Square / Global Cryptocurrency /

Author:

Release Time:

2025-06-20 06:39:02

Cisco Talos has uncovered a new Python-based malware, 'PylangGhost,' deployed by the North Korean hacking group Famous Chollima. The malware specifically targets job seekers in the cryptocurrency industry, infiltrating their hardware through fake job postings.

The threat mirrors the GolangGhost RAT, discovered in December 2024, and has been actively used to compromise Windows systems. A Golang variant remains in use for MacOS targets. Open-source data points to India as the primary victim region.

Famous Chollima, also known as 'Wagemole,' employs social engineering tactics, creating counterfeit job sites impersonating major crypto firms to steal passwords and access digital wallets.

By:

Log in to Reply

Pi Network Shows Strong Growth with 3M New Users, Price Rebounds

Articles on this site are sourced from public networks or curated by AI for informational purposes only and do not represent BTCC’s views. Original rights belong to the respective authors. For copyright concerns, please contact [email protected]. BTCC assumes no liability for the accuracy, timeliness, or completeness of this information, and disclaims all liability arising from reliance on such content. This content is for reference only and should not be taken as investment, legal, or commercial advice.