SlowMist CISO: Fake job postings by Graphalgo are exploiting remote access trojans to attack crypto developers.

This article is machine translated

Show original

According to Foresight News , 23pds, Chief Information Security Officer of SlowMist, tweeted that a new branch of the fake job posting campaign launched by the North Korean hacking group Lazarus Group, graphalgo, is using a remote access trojan to attack cryptocurrency developers. Named graphalgo after the first related package in the npm repository, the campaign has been active since early May 2025. This coordinated operation uses fake cryptocurrency-related job postings as bait, targeting both JavaScript and Python developers. The campaign includes the malicious npm package bigmathutils, whose original harmless version was downloaded over 10,000 times after its release, while a second version containing a malicious payload was released subsequently.

Source

Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.

Add to Favorites

Comments

Relevant content

Foresight News

Earning $80,000 a day, this top player treats Polymarket like an ATM.

BTC

1.98%

PANews

Meme wanes, narratives cool: Solana's cyclical boom ends as it falls below $80.

BNB

3.36%

ODAILY

Gold fell more than 4% at one point, and silver plummeted 11%, as a sharp drop in US stocks triggered a sell-off in algorithmically traded precious metals.