Kaspersky Lab Says North Korea Hacked a Crypto Exchange with AppleJeus macOS Malware
Kaspersky Lab Announces that North Korean Hackers Infected Crypto Exchange with Malware
The ongoing issues facing crypto exchanges are well documented across all major news platforms. Security breaches and cyber attacks are frequent, with some leading to the complete closure of the affected exchange. In some cases, exchanges suddenly stop working with no forewarning to investors and traders. Hacking remains a significant concern, as Kaspersky Lab recently discovered.
According to Kaspersky Lab, hackers in North Korea successfully infected a crypto exchange with malware that affects both macOS and Windows. In its detailed report, the Russian-based security company revealed that the malware is named AppleJeus and that it infected an unidentified exchange after a worker downloaded a contaminated application. Kaspersky believes that the source of the malware was a fake software developer who had counterfeit security certificates as part of a massive operation by Lazarus Group, a hacker collective based in North Korea.
The AppleJeus malware was designed to steal crypto funds, according to the Kaspersky report. It was a significant security breach and part of the most recent spate of cryptocurrency hacking attempts by hackers in North Korea.
The report stated that the hackers were very skilled and dedicated to making the breach, going the extra mile to develop malware for both macOS and Windows. The aim was to guarantee that the user's OS platform would not be a barrier, so that all targets could be infected. Kaspersky noted that the malware developers had even developed a Linux version, but this was the first instance in which they targeted the macOS platform.
Crypto exchanges based in South Korea have long been targets for the Lazarus group, with plenty of security complaints from various platforms, such as Coinlink, Bithumb and YouBit. According to a Kaspersky manager, Vitaly Kamluk, the hackers were very keen on infecting users on all platforms, even creating a phony software product and software company to deliver the malware in an undetectable format, which implies that they expect considerable returns from the entire operation.
This recent attack is similar to one reported in July, when security researchers discovered severe macOS malware threats that targeted Discord and Slack users who were discussing cryptocurrencies. In that case, the hackers impersonated crypto experts and shared small downloadable snippets that contained the malware.