Hackers alleged to work for North Korea, known as the Lazarus Group, have compromised a cryptocurrency exchange in a campaign that Kaspersky Lab, which has published an in-depth analysis of the intrusion, has named Operation AppleJeus. Lazarus Group has a long history of attacks on South Korean targets, banks and cryptocurrency exchanges dating back to 2007.
Operation AppleJeus marks the first time Lazarus Group has been seen using malware written for macOS; the attackers evidently wanted to make sure that the operating system of whoever downloaded the software would not stand in their way. Jeus, the codename the attackers gave to this program, delivered an updated version of Fallchill, a remote access tool that has been attributed to Lazarus Group in the past.
The group went to great lengths to make the trading software and its accompanying website look completely legitimate, down to valid digital signatures and company details, although further research showed that the company's registered address sat in the middle of the woods. Several layers of encryption and spoofing hid the malicious component, while the trading application itself was fully functional. Note that a valid code signature proves only that the software has not been altered since the named company signed it; it says nothing about whether that company can be trusted, which is exactly what the attackers relied on here.
An employee of an undisclosed exchange downloaded the software believing it to be legitimate, and that single installation led to the breach. AppleJeus sends information from the infected computer back to Lazarus Group; the attackers are believed to be after private keys, which would let them move funds out of the exchange's wallets.
The only thing that has changed for Lazarus Group since past incidents is that its tradecraft keeps getting more advanced. In 2009, the group began a campaign of distributed denial of service (DDoS) attacks against South Korean and United States government targets that ran for about three years. During the "Ten Days of Rain" in 2011, it directed sustained DDoS attacks at South Korean government, media and military-related websites. Lazarus Group is also blamed for stealing USD 12 million from Banco del Austro in Ecuador, attempting a roughly USD 1 million theft from Tien Phong Bank in Vietnam and taking USD 60 million from the Far Eastern International Bank in Taiwan.
More recently, since the 2017 crypto rally, Lazarus Group has concentrated on stealing cryptocurrency. It took around USD 7 million from Bithumb and drained so much from Youbit that the exchange declared bankruptcy; both are South Korean exchanges.
Lazarus Group is highly sophisticated, works hard to hide its tracks and has so far escaped any real consequences. Crypto users worldwide should avoid installing third-party applications unless they come from an extremely trusted source, no matter how legitimate the software looks; a polished website, plausible company details and a valid signature are exactly what this campaign used to earn a download.
Follow BitcoinNews.com on Twitter: @bitcoinnewscom