Cryptopolitan reported that the North Korea-linked hacking group Lazarus Group is targeting cryptocurrency investors with Telegram-based social engineering hacks. The hack uses memory-based malware that leaves almost no trace on computers and was found to be very difficult to detect. The media outlet stated, "The Lazarus Group disguises itself as an employee of a trading company on Telegram, lures victims to phishing sites that mimic scheduling platforms Calendly and Picktime, and conducts an attack where malware installation progresses in stages once approval is given. This attack is carried out using a 'human-in-the-loop' method, interacting directly with people and building trust. It is known to induce victims to naturally execute malicious files through this method."
