”North Korean Cybercrime Group Targets Brazilian Cryptocurrency and Fintech Companies”

North Korean cybercriminals target Brazilian crypto and fintech sectors using sophisticated malware and phishing schemes, according to a Google Cloud report
On the same day, Google Cloud's threat intelligence department released a report stating that the North Korean government was behind cyber attacks.
The report found that North Korean attackers were actively targeting Brazilian cryptocurrency exchanges and fintech companies. The North Korean group is primarily targeting cryptocurrency companies, the aerospace and defense industry, and political parties.
While the Chinese government has focused on targeting government agencies, cybercriminals backed by the Chinese government have shown a preference for attacking only government and energy sectors in Brazil.
The notorious North Korean cybercrime group Pukchong, also known as UNC4899, is attempting to connect Brazilian citizens with the job market.
Criminal groups targeted institutions, tricking unsuspecting job seekers into downloading malicious code into their systems.
The report states, "The project is a Python app that looks up cryptocurrency prices, which is a Trojan.
"It has been modified to turn the malware into a Trojan horse and search for a second-stage payload from attacker-controlled domains if certain conditions are met."
Similar malware attacks carried out by GoPix and URSA have also been found to be active targeting cryptocurrency companies in Brazil.