TechFlow news, July 3 — According to a report released Wednesday by cybersecurity firm Sentinel Labs, North Korean hackers are using new malware targeting Apple devices to attack cryptocurrency companies. The hackers impersonate trusted individuals on instant messaging apps like Telegram, sending fake Zoom update files that actually install malware named "NimDoor."
The malware is written in the rare Nim programming language, capable of bypassing Apple's memory protection mechanisms and deploying information-stealing programs specifically designed to target cryptocurrency wallets and browser passwords. Nim has become increasingly popular among cybercriminals due to its ability to run unmodified across Windows, Mac, and Linux systems, fast compilation speed, and difficulty in detection.
The malware also includes scripts capable of stealing Telegram's encrypted local database and decryption keys, and waits 10 minutes before activation to evade security scans.




