Lazarus hacker group continues to attack cryptocurrency holders, now on Telegram

The North Korean hacker group Lazarus, to which many cyber attacks in recent years have been linked, including attacks on cryptocurrency users and exchanges, is making itself felt again, Kaspersky Lab experts report.

This time, the cybercriminals have significantly changed their attack methodology, but their main area of interest is still cryptocurrencies. They registered a fictitious company to supply malicious files to macOS users, added an authentication mechanism that allows for careful data transfer in the next step, and learned how to load into memory without accessing the device’s disk. In addition, the Windows loaders have undergone significant revisions.

One example of such malware is the UnionCryptoTrader program, which is presented as a trading platform for smart cryptocurrency arbitrage but in reality steals confidential user data.

Analysts note that the hackers are increasingly using the Telegram messenger, a favorite means of communication for cryptocurrency traders, to spread their malware. Several fake ICO sites and trading platforms were discovered that contained links to the attackers' groups on Telegram.

Among the victims of the attack, dubbed “Operation AppleJeus Sequel” as a continuation of the 2018 “Operation AppleJeus”, Kaspersky Lab singles out residents of the UK, Poland, Russia and China.

“We can see that since the initial appearance of Operation AppleJeus, the authors have significantly changed their handwriting. We assume that these types of attacks on the cryptocurrency business will continue and become more sophisticated,” the analysts add.

Earlier, the UN said that North Korea raised about $2 billion by hacking cryptocurrency exchanges and banks in order to finance its nuclear program.
