BleepingComputer reports that individuals in the cryptocurrency industry are being targeted by the North Korean state-sponsored threat group Lazarus in a new macOS malware campaign leveraging fraudulent job offers in an effort to exfiltrate cryptocurrency and other digital assets. Lazarus hackers have been communicating with targets regarding job openings in through a direct message on LinkedIn, with targets receiving a macOS binary purporting to be a PDG containing the job vacancies, according to a report from SentinelOne. However, second- and third-stage payload files are being deployed by an included binary in the background, with the second stage payload facilitating persistence agent loading and connecting to the command-and-control server prior to final payload retrieval, noted researchers. "The threat actors have made no effort to encrypt or obfuscate any of the binaries, possibly indicating short-term campaigns and/or little fear of detection by their targets," said SentinelOne, which noted that another company may be impersonated soon by Lazarus using similar attack elements.