The Lazarus group, hackers from North Korea, has attacked an Asian cryptocurrency exchange with malware for both macOS and Windows users, as reported by Kaspersky Lab on Thursday, 23rd August.
Kaspersky is an internet security and antivirus firm from Russia. It’s claimed to be the largest privately-owned cybersecurity company, and one of the fastest growing in the world. The company operates across 200 countries with 37 offices in 32 countries.
According to a report by the antivirus vendor, the hacks were performed by Lazarus, a hacking group known for its attack on Sony Films in 2014. Its recent attack targeted crypto users: malware named ‘AppleJeus’ infected the systems of an unnamed crypto exchange after an employee downloaded a “tainted” app.
The research was posted on Securelist, the company’s media outlet, which reported that the investigation found something “unexpected.” The infected application that the victim had downloaded was a cryptocurrency trading platform which was “recommended to the company over email.”
The report also notes that this hack to steal cryptocurrencies is a first by North Korean hackers in the crypto space. The hackers “went an extra mile” to reach beyond a single OS platform by developing malware explicitly targeting other platforms such as macOS, as noted in the report.
“A version for Linux is apparently coming soon, according to the website. It’s probably the first time we see this APT group using malware for macOS,” mentions the report.
In a conversation with Bleeping Computer, Vitaly Kamluk, the head of Kaspersky’s GReAT APAC team, said that “the fact that they developed malware to infect macOS users in addition to Windows users and – most likely – even created an entirely fake software company and software product in order to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation.”