PANews
PANews|May 26, 2026 00:58
[North Korean Hacker Group Lazarus Deploys Fileless Trojan RemotePE to Attack Crypto Companies and Banks] According to Cryptopolitan, cybersecurity analysts have discovered a new type of fileless remote access trojan (RAT) called RemotePE. The Lazarus Group, a cybercrime organization believed to be linked to North Korea, is reportedly using this trojan to target banks and cryptocurrency companies. The trojan operates entirely in memory, making it difficult for traditional antivirus and forensic tools to detect. Attackers impersonate trading company employees via Telegram and use fake Calendly and Picktime links to conduct social engineering attacks. The malware is chain-loaded in three stages through DPAPILoader, RemotePELoader, and RemotePE, with the entire process avoiding interaction with the file system. It employs process hollowing, anti-analysis checks, and encrypted C2 communication to evade detection.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads