Hacker Group Lazarus Breached an Asian Crypto Exchange Via Mac Malware

Hacker Group Lazarus Breached an Asian Crypto Exchange Via Mac Malware
фото показано с : blokt.com

2018-8-28 12:49

It is a never-ending cat-and-mouse game between crypto exchanges and hackers. While exchanges will do their best to secure their clients’ digital assets, hackers will inevitably find some system vulnerability to exploit. Recently, North Korean hacker group Lazarus was reported to have successfully breached an Asian-based crypto exchange, but it is yet unclear if there is any financial loss resulting from the incident.

Lazarus Group Deploys First-Ever Mac Malware

North Korea’s Lazarus Group was reported to have just deployed its first Mac malware, according to a report by Bleeping Computer. Unfortunately for crypto holders, Lazarus’ target this time is a cryptocurrency exchange platform based in Asia. But the report failed to identify which exchange was breached by the hackers.

The hack was confirmed by Russian antivirus company Kaspersky Lab via an email, according to the publication. Kaspersky, which analyzed the aftermath of the crypto exchange’s hack, also said that it might have even been Lazarus’ first-ever Mac malware.

Unfortunately, even the Russian antivirus vendor is yet unclear if there were financial loss involved. In the email, Kaspersky Lab’s Vitaly Kamluk told Bleeping Computer:

“The company was breached successfully, but we are not aware of any financial loss. We assume the threat was contained based on our notification.”

Trojan App Downloaded by Employee

Based on Kaspersky’s investigations, the hack, which was codenamed Operation AppleJeus, was triggered by a trojan. Apparently, the employee downloaded a crypto trading app from a legitimate-looking site claiming to be a software firm.

Unfortunately, the app that the crypto exchange employee downloaded was fake. What’s worse is that it contained malware called Fallchill, a remote access trojan that the Lazarus Group deployed back in 2016 for Windows OS. It was the first time that Kaspersky encountered a Mac version of Fallchill.

According to investigators, Lazarus’ method to introduce Fallchill into their targeted system is particularly sneaky. The trojan itself is not embedded in the crypto app, which makes it undetectable at first. Lazarus made some revisions to the app’s update component, allowing it to download Fallchill at a later date.

While Kaspersky did not identify which crypto exchange was targeted by the AppleJeus hack, it gave out some clues. According to Kamluk, the exchange is not based in South Korea:

“We are aware of waves of attacks on supply chains in South Korea this year, but AppleJeus is unrelated to these attacks. The victim was not located in South Korea.”

Hacker Group Lazarus Breached an Asian Crypto Exchange Via Mac Malware was originally found on [blokt] - Blockchain, Bitcoin & Cryptocurrency News.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Emerald Crypto (EMD) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 4.67 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0075821 (-100%)

crypto exchange group hacker lazarus breached exchanges

crypto exchange → Результатов: 126


Фото:

Figure Markets Unveils its Global Crypto Exchange, Offering 8% Yield Opportunity

A new global crypto exchange is shaking up the market with competitive leverage options and yield-earning cash sweeps. It allows users to earn up to 8% on their cash and stablecoin balances. Figure Markets, a prominent player in the decentralized custody space for digital assets, has officially launched its global crypto exchange from the Cayman […]

2024-9-18 13:24


Фото:

Bybit announces France exit citing regulatory developments

Bybit is winding down its services in France, with the crypto exchange citing recent regulatory developments for the decision. The crypto exchange, which ranks among the world’s leading crypto exchanges and trading platforms by volume, also released a timeline of when the services and products will be unavailable to its users in the country. “In […]

2024-8-3 13:00


Scorpion Casino Begins Exchange Launches After $10M+ Presale – The Next Crypto to Pump?

Scorpion Casino, the highly anticipated crypto project, has kicked off its exchange listing spree after a successful presale campaign that raised over $10 million. This impressive achievement has set the stage for what could be one of the most remarkable crypto pumps in recent times, fueled by the project’s strategic exchange listings and the anticipation […] The post Scorpion Casino Begins Exchange Launches After $10M+ Presale – The Next Crypto to Pump? appeared first on CaptainAltcoin.

2024-4-26 12:30