Crypto Exchange targeted by possible North Korean hackgroup Crowdfund Insider



Internet security company Kaspersky Lab has claimed that hackers who may have ties to North Korea have reached an unnamed crypto-exchange with malware targeting macOS.

The Kaspersky lab attributes the latest hack to the Lazarus hack group.

According to Wikipedia, the Lazarus Group earned its chops in cyber attacks on banks in Ecuador, Vietnam, Poland, Taiwan and Mexico.

Then, in 2016, the group tried to crack a breathtaking $ 851 million USD from the Central Bank of Bangladesh and made success with $ 81 million.

The Lazarus Group also initiated several cyber attacks against South Korean governmental and industrial targets between 2009 and 2013 and has recently been bound by the threat record information company Recorded Future to attacks on the South Korean crypto exchanges Bitthumb, Youbit and Coinlink .

Wikipedia, says Kaspersky Lab (KL), was the first to tie the group to North Korea, although KL has also admitted that the code indicating a North Korean source for various malware linked to Lazarus is in fact a false flag intended to is to deceive researchers.

Especially the last attack on the nameless crypto-exchange is one of only a few known cases of malware that have been successfully deployed against macOS systems.

Kaspersky Lab claims that Lazarus also promised a future version of the malware for Linux systems, something Kaspersky calls "a wake-up call for users of non-Windows platforms."

The malware in question would have taken the form of a "trojanized cryptocurrency trading application … recommended to the company via e-mail."

An exchange employee was successfully tempted to "download an application from a third party" who led him or her to a "legitimate-looking" crypto-trade interface.

There, the employee's computer came into contact with malware that was designed to infect the entire exchange system and remove crypto from the platform.

Vitaly Kamluk from Kaspersky Lab told Empty the computer"We assume that the threat has been restricted on the basis of our report."

Kamluk added, however, that the extensive nature of the attempted exchange hack suggests that Lazarus sees great potential in this type of exploitation:

"The fact that they … even made a completely fake software company and software product to deliver this malware that is not detected by security solutions, means that they may see big gains throughout the operation, and we certainly need more such cases expect in the near future. "


Source link

Leave a Reply