Hook, Line and Koi Stealer - New macOS Malware in DPRK Fake Job Interviews

Objective-See Foundation via YouTube

Overview

Explore a detailed cybersecurity investigation into North Korean state-sponsored malware targeting macOS systems through sophisticated social engineering campaigns. Learn how DPRK-linked threat actors impersonate legitimate tech industry recruiters to conduct fake job interviews, specifically targeting software developers in the cryptocurrency sector. Discover the analysis of a previously undocumented macOS variant of Koi Stealer malware that demonstrates advanced capabilities including AppleScript-based command execution, persistence mechanisms, and separate memory streams for command and control communication. Examine the methodologies used to link this macOS strain to its Windows counterpart through TTP correlation, code similarity analysis, and infrastructure pivoting techniques. Understand how researchers traced C2 infrastructure to connect this campaign with previously known North Korean operations and established attribution to DPRK-aligned threat actors. Gain insights into the evolution of nation-state malware from Windows-only targeting to cross-platform capabilities, and learn about the sophisticated tactics employed in modern cyber espionage campaigns targeting the technology and cryptocurrency industries.

Syllabus

OBTS v8: “Hook, Line & Koi Stealer: New macOS Malware in DPRK Fake Job Interviews” A Gabay & D Frank

Taught by

Objective-See Foundation
