The Hacker News · May 25, 2026 9:32 AM

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.

RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain that involves two loaders tracked as DPAPILoader and RemotePELoader.

"DPAPILoader decrypts and

Read at The Hacker News

Was this helpful?

What ClickUp’s mass layoff tells us about the future of work 2026-05-27
The pope’s AI encyclical isn’t really about AI 2026-05-27
OpenAI, Grupo Folha and Grupo UOL announce strategic content partnership 2026-05-27
Harness, Scaffold, and the AI Agent Terms Worth Getting Right 2026-05-27

← Back to edition

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Was this helpful?

Related