Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.
RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain that involves two loaders tracked as DPAPILoader and RemotePELoader.
"DPAPILoader decrypts and
source https://thehackernews.com/2026/05/lazarus-deploys-remotepe-memory-only.html
source https://thehackernews.com/2026/05/lazarus-deploys-remotepe-memory-only.html
