Cybersecurity researchers have identified a cross-platform malware named RemotePE, utilized by the North Korea-linked Lazarus Group to target financial and cryptocurrency organizations through a multi-stage attack chain.
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE, which has been used by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations. The malware is part of a multi-stage attack chain involving two loaders, identified as DPAPILoader and RemotePELoader. DPAPILoader is noted to handle decryption within the malware architecture.