TechFlow, June 20 — According to Cointelegraph, a recent report from Cisco Talos reveals that the North Korean hacking group "Famous Chollima" is targeting professionals in the cryptocurrency and blockchain sectors by using fake job recruitment websites impersonating well-known companies such as Coinbase and Robinhood.
The attackers deploy a new Python-based remote access trojan called "PylangGhost," tricking victims into executing malicious commands during simulated online interviews. This enables the theft of cryptocurrency wallet credentials and passwords stored in over 80 browser extensions, including MetaMask and 1Password. The malware also features additional capabilities such as screen capture, file management, and system information collection.




