Kaspersky Warns Notorious North Korea Hackers Still Targeting Exchanges


Russia-based cybersecurity and anti-virus provider Kaspersky Lab has warned that hacker groups believed by many to be backed by North Korea are still focusing their attacks on cryptocurrency exchanges. Furthermore, the hackers are quickly learning new tactics to evade detection.

The anti-virus company said yesterday that these attacks were primarily financially motivated, with the infamous Lazarus APT hacker group mainly targeting financial institutions, especially crypto exchanges:

“Financial gain remains one of the main goals for Lazarus, with its tactics, techniques, and procedures constantly evolving to avoid detection.”

The company referenced its research publication from mid-2018, which highlighted the main vehicle for scamming: a fake company offering a product with a backdoor. Lazarus APT was also known to have a new ability to target macOS systems, which is especially important because many users are misled into thinking the OS is safer than the more popular Windows products.

A new operation, dating from as early as November 2018, has since been discovered. It uses what Kaspersky Lab calls a “Macro-weaponized document” to infect users, relying on a PowerShell script to control Windows systems and on macOS malware for Apple users.

The firm described Lazarus as well-organized, as demonstrated by the sophistication of its malware population:

“… not only have we seen them build redundancy to reserve some malware in case of in-operation hot spare replacement of ‘burnt’ (detected) samples but they also conform to specific internal standards and protocols when developing backdoors. This case is no different. They have developed custom PowerShell scripts that communicate with malicious C2 servers and execute commands from the operator. The C2 server script names are disguised as WordPress (popular blog engine) files as well as those of other popular open source projects.”

Users are advised to exercise extra caution when using or installing third-party apps and software on both Windows and macOS systems.

