Saturday, July 11, 10:43

The Lazarus team is still targeting cryptocurrency transactions


According to Kaspersky researchers, who analyzed attacks carried out by the Lazarus team over the past 18 months, the North Korea-linked group is primarily targeting cryptocurrency transactions.

As security experts discovered in mid-2018, the team targeted cryptocurrency companies and transactions through a campaign called Operation AppleJeus, which aimed to deploy an infected cryptocurrency trading application.

Following the release of Operation AppleJeus, the Lazarus team launched further attacks against cryptocurrency companies, using similar tactics. Researchers identified more malware similar to that used in Operation AppleJeus.

The three macOS installers analyzed by Kaspersky behave similarly after installation and when executing the second-stage payload. However, the researchers noticed a different kind of macOS malware, MarkMakingBot.dmg (be37637d8f6c1fbe7f3ffc702afdfe1d), created on 12-03-2019.

This malware does not have an encryption/decryption routine for network communication, which indicates that it is still under development.

Experts pointed out that while the Windows malware used in the campaign had only minor changes, the macOS malware changed drastically.

Recently, Kaspersky detected new macOS malware that used a malicious application called UnionCryptoTrader. The Windows version of the same malware runs from the Telegram file download folder.

Some of the payloads were executed in memory, with the backdoor payload being delivered at the final step of the attack chain.

Kaspersky identified several victims of AppleJeus, most of them in the United Kingdom, Poland, Russia and China, with experts pointing out that many of them are affiliated with cryptocurrency business entities.

