North Korean 'Durian' Malware Targets South Korean Crypto

Rachana Saha

North Korean hackers used "Durian" malware to target South Korean crypto firms, according to Kaspersky.

Kimsuky used Durian in persistent attacks on at least two crypto companies by exploiting security software.

Durian serves as an installer for further malware, including "AppleSeed" and the "LazyLoad" proxy tool.

Kaspersky underscores Durian's extensive backdoor capabilities for command execution and file manipulation.

LazyLoad's use in Durian attacks suggests a potential link between Kimsuky and Andariel, a subgroup of the Lazarus Group, implying broader North Korean cyber activities.
