AppleJeus Malware Goes Back to Bitcoin Hunting

A new cybercrime campaign attributed to the North Korean group Lazarus targets internet users and businesses around the world. Dubbed AppleJeus, the operation goes after the victims' cryptocurrencies.

North Korea is suspected by the United Nations of making widespread use of cyberattacks to steal cryptocurrencies and thereby circumvent international sanctions. In this area, Lazarus is particularly active.

This group of hackers is accused of working for the regime. It is behind several cyberattack campaigns, including one called AppleJeus. The latter was identified by the security vendor Kaspersky in 2018.

After phase 1 of AppleJeus, Lazarus evolves its method

The purpose of these attacks: to compromise the victims' computers, on macOS and Windows, and to steal bitcoins and other digital assets. Lazarus doesn’t seem to be willing to abandon this market. According to Kaspersky, AppleJeus remains active.

The vendor has even observed an evolution in the attackers' methodology. They have, for example, changed the malicious program used to infect Apple machines, including by adding an authentication mechanism.

The purpose here is to reduce the risk of the malware being detected. On the Windows side as well, Lazarus has made its attack more complex through a multi-step infection procedure, security experts point out.

“We believe that the Lazarus group was more careful in its attacks after the exit from Operation AppleJeus and that it used a number of methods to avoid being detected,” they note.

Cryptocurrency firms under attack

Different malware is used today by the same cybercriminals to steal cryptocurrencies. Kaspersky identified a Windows version of the malware UnionCryptoTrader, also found on macOS.

In particular, the hackers used the secure messaging application Telegram to distribute this software and attempt to run it on their targets' computers. Kaspersky also warns against fake sites related to blockchain and cryptocurrencies. These are actually used to deceive visitors and install malware.

“We were able to identify several victims in this sequel to Operation AppleJeus. The victims have been recorded in the United Kingdom, Poland, Russia and China. Additionally, we were able to confirm that several of the victims are linked to cryptocurrency business entities,” concludes Kaspersky.

