Threat groups associated with North Korea have been seen aiming at Web3 and cryptocurrency-related enterprises using malware developed in the Nim programming language, highlighting an ongoing adaptation of their strategies.
“Remarkably for macOS malware, the threat groups utilize a process injection method and remote communication through wss, the TLS-secured variant of the WebSocket protocol,”