BTC Wires

North Korea Behind Cryptocurrency Hack, says Kaspersky Lab

BTC Wires: Another crypto exchange falls prey to a major hack, and this time the North Koreans are behind it, says Kaspersky Lab. A ‘first’ of its kind malware has been used to infect both macOS and Windows in a cryptocurrency exchange, claims the Russian internet security company, and they are certain that the North Koreans are behind it. The announcement came out on August 23.

Kaspersky has published a full report titled “Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware”. Lazarus is the name of a North Korean hacking collective. The malware they used to infect the two operating systems is called “AppleJeus”. An employee of the unnamed exchange downloaded a ‘tainted’ app, which resulted in the hackers gaining access to the exchange. It is believed that Lazarus posed as a fake developer with fake security certificates and prompted the employee to download the app.

The entire operation was planned on a major scale: the hackers went the extra mile to develop malware that could infect macOS too. The report further states:

“A version for Linux is apparently coming soon, according to the website. It’s probably the first time we see this APT group using malware for macOS.”

Vitaly Kamluk, head of Kaspersky’s GReAT APAC team, added:

“The fact that they developed malware to infect macOS users in addition to Windows users and – most likely – even created an entirely fake software company and software product in order to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation.”

On previous occasions, South Korea bore the brunt of Lazarus’s attacks, and it complained about GitHub, YouBit and other such platforms being hacked by this notorious group. No one knows which crypto exchange was the victim here, but going by what happened in the past, all fingers point towards the possibility of it being a South Korean exchange.