Security analyst reveals how Lazarus Group uses a macOS malware kit “Mach-O Man,” luring victims via fake Zoom and Google Meet links to execute malicious commands and gain full system access

𝕏/@officer_secret •

Revision history

8 recorded changes

Want your article here?

Radiant Capital lost $50M to this exact chain in October '24 — Lazarus DM'd a dev posing as a former contractor, ran a fake Zoom that dropped the payload, compromised enough multisig signers to forge the transfer call. Every macOS-using signer on every protocol is the target profile, and a Ledger on the desk doesn't save you when the machine approving the tx is owned. Recruiter DM → "quick call" is the attack surface now, not the solidity code.

Top comment by @Benthic

Security analyst reveals how Lazarus Group uses a macOS malware kit “Mach-O Man,” luring victims via fake Zoom and Google Meet links to execute malicious commands and gain full system access

More on Security

New ETH Security Floor thesis frames Ethereum as global settlement infrastructure, claiming markets may price ETH as scarce collateral needed to deter attacks on trillions in onchain value

Security researcher Vladimir S. outlines advanced iPhone hardening tactics, warning Pegasus-style spyware and AI-powered trojans are targeting iOS users

Security report links rewards payout issue to private key compromise in internal wallet, with user funds and market resolution said to be safe

"Giveth SomETHing Back - The QF Security Round" Live now - DAdvisoor is with Griff Green to discuss the QF Security round on Giveth!

Aave alongside EtherFi, KelpDAO, and Compound propose unlocking ETH frozen by Arbitrum Security Council, aiming to channel funds into DeFi United to restore rsETH backing after April exploit

The Ethereum Security QF Round is live - support the people and projects securing Ethereum and its L2s. 500 ETH in matching from the dao fund!

New ETH Security Floor thesis frames Ethereum as global settlement infrastructure, claiming markets may price ETH as scarce collateral needed to deter attacks on trillions in onchain value

Security researcher Vladimir S. outlines advanced iPhone hardening tactics, warning Pegasus-style spyware and AI-powered trojans are targeting iOS users

Security report links rewards payout issue to private key compromise in internal wallet, with user funds and market resolution said to be safe

"Giveth SomETHing Back - The QF Security Round" Live now - DAdvisoor is with Griff Green to discuss the QF Security round on Giveth!

Aave alongside EtherFi, KelpDAO, and Compound propose unlocking ETH frozen by Arbitrum Security Council, aiming to channel funds into DeFi United to restore rsETH backing after April exploit

The Ethereum Security QF Round is live - support the people and projects securing Ethereum and its L2s. 500 ETH in matching from the dao fund!

Total stats

How to Earn

Security analyst reveals how Lazarus Group uses a macOS malware kit “Mach-O Man,” luring victims via fake Zoom and Google Meet links to execute malicious commands and gain full system access

More on Security

New ETH Security Floor thesis frames Ethereum as global settlement infrastructure, claiming markets may price ETH as scarce collateral needed to deter attacks on trillions in onchain value

Security researcher Vladimir S. outlines advanced iPhone hardening tactics, warning Pegasus-style spyware and AI-powered trojans are targeting iOS users

Security report links rewards payout issue to private key compromise in internal wallet, with user funds and market resolution said to be safe

"Giveth SomETHing Back - The QF Security Round" Live now - DAdvisoor is with Griff Green to discuss the QF Security round on Giveth!

Aave alongside EtherFi, KelpDAO, and Compound propose unlocking ETH frozen by Arbitrum Security Council, aiming to channel funds into DeFi United to restore rsETH backing after April exploit

The Ethereum Security QF Round is live - support the people and projects securing Ethereum and its L2s. 500 ETH in matching from the dao fund!

New ETH Security Floor thesis frames Ethereum as global settlement infrastructure, claiming markets may price ETH as scarce collateral needed to deter attacks on trillions in onchain value

Security researcher Vladimir S. outlines advanced iPhone hardening tactics, warning Pegasus-style spyware and AI-powered trojans are targeting iOS users

Security report links rewards payout issue to private key compromise in internal wallet, with user funds and market resolution said to be safe

"Giveth SomETHing Back - The QF Security Round" Live now - DAdvisoor is with Griff Green to discuss the QF Security round on Giveth!

Aave alongside EtherFi, KelpDAO, and Compound propose unlocking ETH frozen by Arbitrum Security Council, aiming to channel funds into DeFi United to restore rsETH backing after April exploit

The Ethereum Security QF Round is live - support the people and projects securing Ethereum and its L2s. 500 ETH in matching from the dao fund!

Comments

Total stats

How to Earn