North Korean hacker group Lazarus deploys fileless Trojan RemotePE, attacking cryptocurrency companies and banks
By: rootdata|2026/05/27 04:45:01
0
Share
According to Cryptopolitan, cybersecurity analysts have discovered a new type of fileless remote access trojan (RAT) named RemotePE. It is believed that the cybercrime organization Lazarus Group, associated with North Korea, is using this trojan to attack banks and cryptocurrency companies. The trojan operates entirely in memory, making it difficult for traditional antivirus and forensic tools to detect. Attackers impersonate trading company employees via Telegram, using forged Calendly and Picktime links for social engineering attacks. The malware is loaded in a three-stage chain through DPAPILoader, RemotePELoader, and RemotePE, with the entire process avoiding contact with the file system, utilizing process hollowing, anti-analysis checks, and encrypted C2 communication to evade detection.
This malware was first discovered in September 2025. In the first four months of 2026, the Lazarus organization has stolen approximately $577 million in cryptocurrency assets, accounting for 76% of the total global cryptocurrency theft. Since 2017, the organization has accumulated a total theft amount of $6 billion.
You may also like
Morning News | Michael Saylor releases Bitcoin Tracker information; Aave releases post-attack investigation on Kelp rsETH bridge; Gravity Bridge announces service suspension after being attacked
Overview of Important Market Events on May 31
BIS's latest research: The future of stablecoins and the global monetary landscape
The report believes that stablecoins will strengthen the dominance of the US dollar in the short term, posing risks to the monetary sovereignty of emerging markets and developing economies, while the long-term trajectory will depend on their adoption models, regulatory responses, and the synergy of ...
Interview with macro master Raoul Pal: The AI competition is giving rise to an "economic singularity," don't easily give up your chips in the next four years
Compared to Nasdaq, Bitcoin is currently in a severely oversold position within its long-term trend.
Wang Chuan: How can one not feel anxious after the neighbor Old Wang made thirty times his investment in storage stocks? (Six) - The Trap of Homogeneous Products
In-depth analysis of the cyclical curse of storage stocks: The short-term windfall brought by AI is unsustainable, and rigid capacity will ultimately backfire on prices. Beware of the "low price-to-earnings ratio" wealth trap at the cyclical peak.
"Trapped in the cryptocurrency world: Don't let the anxiety of missing out force you onto the most dangerous last train."
When global assets reach new highs, cryptocurrency becomes the only uninvited guest.
The broken defense of Solana's guardians: In order to tear apart Hyperliquid, they actually picked up the script that Ethereum once criticized itself?
HYPE surge sparks a battle of giants. Solana's leader angrily criticizes Hyperliquid for being too centralized, while Arthur Hayes counters with a strong rebuttal, betting $100,000.
Why is Peter Thiel, behind Palantir, preparing an exit in Argentina?
Palantir, political risk, and the self-preservation of technological oligarchs.
The midlife crisis of Crypto GP: Without PMF, there is no next check from LP
After losing the vastness of the stars and the sea, most Crypto GPs that failed to earn excess returns in this cycle must pragmatically launch a product with PMF, either by proving their ability to help LPs earn excess returns through some niche market, or by solving specific problems for LPs/partne...
Fidelity Mid-Year Review: 6 Key Trends in Digital Assets for 2026
Setting aside short-term market fluctuations, the underlying logic of digital assets is changing. The accelerated integration of capital markets, the implementation of regulatory frameworks, and the continuous optimization of infrastructure constitute the core driving forces of current industry deve...
Three years later: Looking back at my judgment of ChatGPT in 2023
In fact, it's not that difficult to see the big picture; the hard part is admitting that we have repeatedly taken for granted the numbers, speed, and distribution.
From Casino Tools to Global Pricing Machines: The NYSE Leader's Perspective on Hyperliquid
"Why can they do it, but we can't?" This rhetorical question not only reveals the anxiety of traditional exchanges but also reflects the subtle and complex game between TradFi and DeFi after perpetual contracts have shifted from being gambling tools to global price discovery infrastructure.
A Detailed Analysis of "Stock God Serenity" Investment Methodology
In the major trend of AI and other areas, instead of buying the most eye-catching popular stocks, we should drill down along the industry chain to find the most irreplaceable bottlenecks in future architectural migrations, and place bets in advance while old financial reports, old valuations, and ol...
Sharplink CEO: The future of Ethereum is unfolding
The market is focused on the ETH price and foundation controversies, but overlooks the bigger picture: Ethereum is far ahead in stablecoin settlement, RWA, and DeFi, and has already met the conditions for institutional adoption.
Morning Report | Korea Investment & Securities and OKX plan to jointly acquire 40% of Coinone; Polymarket denies implementing KYC comprehensively; Grayscale delays U.S. stock IPO plans
Overview of Important Market Events on May 28
Bit Digital CEO: Why I Bought More ETH
Valuation re-evaluation will never come from retail investors' enthusiasm for narratives; for an asset with such a vast underlying infrastructure, that has always been a fragile foundation. The real catalyst is institutional demand, and institutional demand does not operate according to the timeline...
A Decade of Three Waves of Stock Tokenization from Bitget's Reality: An Unfinished Financial Exploration
Reality represents the latest step in this revolution. What the next step is, is not in Bitget's release materials, but in the next 12 to 24 months, on the first day Nasdaq goes live, on the day the SEC's new regulations take effect, and on the day Bitget can obtain a formal financial license in a m...
"Hu Run Baifu" Dialogue with Sun Yuchen: A New Paradigm of Value Circulation in the Web3 Transformation Cycle
In an exclusive interview with Hurun Report, Sun Yuchen succinctly summarized his long-term core goal: "To enable anyone in the world, regardless of their location or whether they have a bank account, to transfer and use their funds at low cost and high efficiency."
Is it hackers and regulation that ruined DeFi?
The future of DeFi will either move towards a stricter industry self-discipline and compliance framework, forced to compromise on the principles of decentralization; or it will gradually lose market confidence in the ongoing imbalance of offense and defense, leading to long-term marginalization.
Morning News | Michael Saylor releases Bitcoin Tracker information; Aave releases post-attack investigation on Kelp rsETH bridge; Gravity Bridge announces service suspension after being attacked
Overview of Important Market Events on May 31
BIS's latest research: The future of stablecoins and the global monetary landscape
The report believes that stablecoins will strengthen the dominance of the US dollar in the short term, posing risks to the monetary sovereignty of emerging markets and developing economies, while the long-term trajectory will depend on their adoption models, regulatory responses, and the synergy of ...
Interview with macro master Raoul Pal: The AI competition is giving rise to an "economic singularity," don't easily give up your chips in the next four years
Compared to Nasdaq, Bitcoin is currently in a severely oversold position within its long-term trend.
Wang Chuan: How can one not feel anxious after the neighbor Old Wang made thirty times his investment in storage stocks? (Six) - The Trap of Homogeneous Products
In-depth analysis of the cyclical curse of storage stocks: The short-term windfall brought by AI is unsustainable, and rigid capacity will ultimately backfire on prices. Beware of the "low price-to-earnings ratio" wealth trap at the cyclical peak.
"Trapped in the cryptocurrency world: Don't let the anxiety of missing out force you onto the most dangerous last train."
When global assets reach new highs, cryptocurrency becomes the only uninvited guest.
The broken defense of Solana's guardians: In order to tear apart Hyperliquid, they actually picked up the script that Ethereum once criticized itself?
HYPE surge sparks a battle of giants. Solana's leader angrily criticizes Hyperliquid for being too centralized, while Arthur Hayes counters with a strong rebuttal, betting $100,000.
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
