cybercrime.clubhttps://cybercrime.club/tags/dpapi/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usTue, 26 May 2026 11:09:10 -0400Lazarus RemotePE: Memory-Only RAT Behind $577M Crypto Theft Surfaces in Fox-IT Disclosurehttps://cybercrime.club/posts/lazarus-remotepe-memory-only-rat-dpapiloader-577m-crypto-heist/Tue, 26 May 2026 11:09:10 -0400https://cybercrime.club/posts/lazarus-remotepe-memory-only-rat-dpapiloader-577m-crypto-heist/Fox-IT and The Hacker News detail RemotePE, a fileless C++ RAT used by North Korea's Lazarus Group against fintech and crypto firms via a DPAPI-bound loader chain. Tied to $577M in 2026 crypto theft.threat-actor