Wednesday, April 8, 20:17

The Lazarus team is still targeting cryptocurrency transactions


According to Kaspersky researchers, who analyzed attacks carried out by the Lazarus team over the past 18 months, it has been confirmed that the North Korean-related group is primarily targeting cryptocurrency transactions.

As security experts discovered in mid-2018, the team targeted cryptocurrency companies and transactions through a campaign called Operation AppleJeus, which aimed to deploy an infected cryptocurrency trading application.

Following the release of Operation AppleJeus, the Lazarus team launched further attacks against cryptocurrency companies, using similar tactics. Researchers identified more malware similar to Operation AppleJeus.

The three macOS installers analyzed by Kaspersky follow a similar scenario after installation and when executing the second-phase payload. However, the researchers noticed a different kind of macOS malware, MarkMakingBot.dmg (be37637d8f6c1fbe7f3ffc702afdfe1d), created on 12-03-2019.

The malware does not have an encryption/decryption routine for network communication, which indicates that it is still under development.

Experts pointed out that while the Windows malware used in the campaign had only minor changes, the macOS malware changed drastically.

Recently, Kaspersky detected a new macOS malware that used a malicious application called UnionCryptoTrader. The Windows version of the same malware runs from Telegram's file download folder.

Some of the payloads were executed in memory, with the backdoor payload being delivered in the final step of the attack chain.

Kaspersky identified several victims of AppleJeus, most of them in the United Kingdom, Poland, Russia and China, with experts pointing out that many of them are affiliated with cryptocurrency business entities.

Absent Mia