Researchers at SentinelOne have warned that North Korea’s Lazarus Group is using phony Crypto.com job offers to distribute macOS malware. The researchers aren’t sure how the lures are being distributed, but they suspect the attackers are sending spear phishing messages on LinkedIn. SentinelOne notes that this campaign “appears to be extending the targets from users of crypto exchange platforms to their employees in what may be a combined effort to conduct both espionage and cryptocurrency theft.”