North Korea's Lazarus Group targets crypto investors via Telegram

The North Korean-linked Lazarus Group is targeting cryptocurrency investors with social engineering hacks on Telegram, Cryptopolitan reported. The attacks reportedly use memory-based malware that leaves few traces on a computer, making it extremely difficult to detect. According to the report, Lazarus Group members pose as employees of trading firms on Telegram. They then guide victims to phishing sites that imitate the scheduling platforms Calendly and PicTime. Once a victim grants approval, malware is installed in stages. The attack employs a "human-in-the-loop" approach, building trust through direct interaction to persuade victims to execute malicious files.