The hacking attacks come in the form of “elaborate and hard-to-detect social engineering campaigns” targeting senior cryptocurrency project employees, developers, and digital asset owners, Jamf Threat Labs explained.
In most cases, hacker attacks are disguised as requests from recruiters to confirm qualifications before hiring, or trusted sources to perform debugging exercises. The exercises involve using and downloading non-standard packages, scripts, or repositories from GitHub.
“Stage one downloaders typically disguise themselves as PDF files with job offers. In reality, they are binary scripts that download and execute hidden malware,” cybersecurity experts warned.
RustDoor has backdoor capabilities and, once launched, allows hackers to fully control the infected system, including stealing passwords to access cryptocurrency wallets or exchanges.
Jamf noted that more than six months have passed since the first infection with the RustDoor malware, but so far none of the antivirus engines have marked the pseudo-test file with the archived hacker code as malicious.
Earlier, the US Federal Bureau of Investigation issued a warning that hacker groups from North Korea were targeting US cryptocurrency exchange-traded funds (ETFs) and their users.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
