Unit 42 has uncovered a campaign leveraging a previously unreported customized dropper that is being used to deliver lures primarily pertaining to the South Korea and North Korea region. These lures revolve around a series of subjects, including various cryptocurrencies, cryptocurrency exchanges, and political events. Based on various information witnessed within this dropper, Unit 42 has dubbed this malware family CARROTBAT.