Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.
RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain that involves two loaders tracked as DPAPILoader and RemotePELoader.
“DPAPILoader decrypts and
![[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back](https://euroshield.tech/wp-content/uploads/2026/05/ddossss-X3GyaE-260x170.jpg)
