PANews reported on July 3 that, according to The Block, cybersecurity company SentinelLabs recently found North Korean hacker groups using a new macOS backdoor, "NimDoor", to attack cryptocurrency companies. The malware spreads through fake Zoom update packages and can steal browser passwords, Telegram data, and encrypted wallet files. The attacker first contacts the target on Telegram, arranges a meeting through Calendly, and induces the victim to download the infected "Zoom update." The backdoor is written in Nim, a rarely used programming language, and can bypass Apple's security detection. Once installed, it automatically creates a login item so that it keeps running and downloads subsequent attack modules. Security experts recommend that cryptocurrency companies take three protective measures: block unsigned installation packages, download updates only from the zoom.us domain, and review the Telegram contact list.
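The second recommendation (updates only from zoom.us) is easy to get wrong with a substring match, since lookalike hosts can contain the string "zoom.us". The following is an added example, not code from SentinelLabs or the original report: a strict host check, where the function names and every sample URL are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: zoom.us and its subdomains are the only trusted update origin,
# following the recommendation in the text.
TRUSTED_DOMAIN = "zoom.us"

# Constructed sample links of the kind that might arrive in a chat message.
SAMPLE_URLS = [
    "https://zoom.us/download",
    "https://us05web.zoom.us/client/latest/Zoom.pkg",
    "http://zoom.us/download",               # no TLS
    "https://zoom.us.example.net/update",    # trusted name used as a prefix
    "https://zoom.us@example.net/update",    # trusted name in the userinfo part
    "https://notzoom.us/update",             # suffix match without a label boundary
    "https://support.zoom-us.example/update",
]


def is_trusted_zoom_url(url: str) -> bool:
    """Return True only for https URLs whose host is zoom.us or a subdomain."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname      # drops userinfo and port, lowercases
        _ = parts.port             # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme != "https" or not host:
        return False
    if host.endswith("."):         # tolerate one fully-qualified trailing dot
        host = host[:-1]
    try:
        # Normalise to ASCII so non-ASCII lookalike letters become xn-- labels.
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False
    # Exact match, or a match on a whole-label boundary.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def untrusted(urls):
    """Return the URLs that must not be used as an update source."""
    return [u for u in urls if not is_trusted_zoom_url(u)]


if __name__ == "__main__":
    for u in untrusted(SAMPLE_URLS):
        print("reject:", u)
```

A passing host check only establishes where a download came from; the package signature still has to be verified before installation, per the first recommendation.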
North Korean hackers use fake Zoom update to spread macOS malware 'NimDoor' targeting crypto firms
Author: PA一线
This content is for informational purposes only and does not constitute investment advice.



