North Korean hackers use Nim to write malware targeting MAC devices, specifically focusing on cryptocurrency wallets and Telegram data
Jul 3, 2025 14:35:00
ChainCatcher news, according to a report released by cybersecurity company Sentinel Labs on Wednesday, North Korean hackers are using a new type of malware targeting Apple devices to attack cryptocurrency companies. The hackers impersonate trusted individuals on instant messaging applications like Telegram, sending fake Zoom update files that actually install malware named "NimDoor."
This malware is written in the rare Nim programming language, which can bypass Apple's memory protection mechanisms and deploy information stealers specifically targeting cryptocurrency wallets and browser passwords. The Nim language is becoming a new favorite among cybercriminals because it can run on Windows, Mac, and Linux without modification, compiles quickly, and is difficult to detect.
The malware also includes scripts capable of stealing the encrypted local database and decryption keys from Telegram, and it waits for 10 minutes before activation to evade security scans.
Dự án liên quan
Tin tức mới nhất
Coindesk
Dec 26, 2025 23:09:38
The Block
Dec 26, 2025 14:49:15
Chainwire
Dec 25, 2025 23:21:44
Chainwire
Dec 24, 2025 22:30:10
Blockworks
Dec 24, 2025 09:11:39












