A group of hackers, known as JINX-0164, has been contacting crypto developers via LinkedIn and inviting them to fake meetings that lead to the infection of their machines with custom macOS malware.
The malware steals login credentials and hijacks the pipelines developers use to build and deploy software. Cloud security firm Wiz published its findings on May 27, 2026.
Fake meeting link drops AUDIOFIX malware on devs machines
Wiz’s incident response team linked the group to attacks going back to at least mid of 2025.
Attackers reach out to a developer on LinkedIn using a profile that looks legitimate, suggest a business call, and send a link to a fake website made to look like Microsoft Teams or a similar video conferencing tool.
AUDIOFIX is the macOS virus that silently starts installation when a victim clicks on what they believe to be a meeting URL. It operates on Intel and Apple Silicon Macs and is delivered via a script stored on a fake Apple site. The virus sets itself up to continue operating after a restart, poses as a system audio component, and interacts with the attackers over HTTPS.
Once it is on the machine, it collects saved passwords from the macOS Keychain, browser credentials, SSH keys, cloud access tokens for AWS, GCP, and Azure, and crypto wallet data. Additionally, Wiz discovered that the attackers were directly phishing for passwords and storing them in encoded files.
JINX-0164 differs from other infostealers because it goes after internal code repositories and development infrastructure.
In a case study from early 2026, Wiz documented how the attackers used stolen GitHub tokens to extract secrets from CI/CD pipelines with an open-source tool called nord-stream. They then injected their AUDIOFIX malware into internal repositories, impersonating legitimate developers by forging Git commit metadata and pushing malicious code to main branches or hijacking existing ones.
Other developers who pulled and built from those poisoned repos got infected automatically. The organization’s own development workflow became the distribution mechanism. GitHub’s Vigilant Mode, which flags commits lacking verified GPG signatures, caught the impersonation in at least one case.
The group also carried out a confirmed supply chain attack on a public npm package. On April 7, 2026, JINX-0164 trojanized version 4.9.1 of @velora-dex/sdk, injecting a base64-encoded command that fetched and executed a remote script deploying MINIRAT. That’s a lightweight Go-based backdoor focused on persistence and remote command execution.
Attackers target cash and code from crypto devs
AUDIOFIX and MINIRAT share command-and-control domains like datahub[.]ink, cloud-sync[.]online, and byte-io[.]us. The attackers route their activity through Mullvad VPN, Astrill VPN, and ExpressVPN to hide their real location.
Wiz found some tactical similarities with North Korean threat clusters UNC1069 and Sapphire Sleet, but found no direct infrastructure overlap. They’re calling JINX-0164 a distinct and financially motivated threat actor.
In May, hackers compromised 170+ npm and PyPI packages, including the official Mistral AI Python library. That attack exposed GitHub tokens and cloud credentials owned by crypto and AI developers. This was also the first documented case of malicious packages carrying valid SLSA Build Level 3 provenance attestations, breaking the cryptographic trust model meant to verify build integrity.
Hacking crypto and AI developers usually leads to cash and valuable code. Crypto labs/companies should strengthen cybersecurity measures and review their CI/CD pipelines for any unauthorized access or malicious activities. Unauthorized GitHub actions, commits with unverified signatures and unusual VPN connections are all warning signs. Developers who joined meetings sent via LinkedIn should scan their computers for viruses.