
North Korean Lazarus Group Linked to New Cryptocurrency Hacking Scheme

News Feed - 2022-12-05 11:12:21



The Lazarus group, a North Korean hacking organization previously linked to criminal activity, has been connected to a new attack scheme to breach systems and steal cryptocurrency from third parties. The campaign, which uses a modified version of an already existing malware product called Applejeus, uses a crypto site and even documents to gain access to systems.

Modified Lazarus Malware Used Crypto Site as Facade


Volexity, a Washington D.C.-based cybersecurity firm, has linked Lazarus, a North Korean hacking group already sanctioned by the U.S. government, with a threat involving the use of a crypto site to infect systems in order to steal info and cryptocurrency from third parties.


A blog post issued on Dec. 1 revealed that in June, Lazarus registered a domain called “bloxholder.com,” which would be later established as a business offering services of automatic cryptocurrency trading. Using this site as a facade, Lazarus prompted users to download an application that served as a payload to deliver the Applejeus malware, directed to steal private keys and other data from the users’ systems.


The same strategy has been used by Lazarus before. However, this new scheme uses a technique that allows the application to “confuse and slow down” malware detection tasks.

Document Macros


Volexity also found that the technique used to deliver this malware to end users changed in October. The method shifted to Office documents, specifically a spreadsheet containing macros, small programs embedded in the document and designed to install the Applejeus malware on the computer.


The document, identified with the name “OKX Binance & Huobi VIP fee comparision.xls,” displays the benefits that each of these exchanges' VIP programs supposedly offers at its different levels. To mitigate this kind of attack, it is recommended to block the execution of macros in documents, and to scrutinize and monitor the creation of new tasks in the OS in order to spot unidentified tasks running in the background. However, Volexity did not report how far this campaign has reached.
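One way to act on the task-monitoring advice above, as an added example that is not from the article or from Volexity: it assumes the hosts are Windows and that auditing is configured so that Security event 4698 ("A scheduled task was created") is logged. The path list, the baseline set and the sample events are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

EVT = "{http://schemas.microsoft.com/win/2004/08/events/event}"
TASK = "{http://schemas.microsoft.com/windows/2004/02/mit/task}"
# Assumption: directories a standard user can write to; tune per environment.
USER_WRITABLE = re.compile(r"\\(appdata|temp|programdata|users\\public|downloads)\\", re.I)
# Assumption: task names already covered by your own baseline.
KNOWN_TASKS = {r"\Microsoft\Windows\Defrag\ScheduledDefrag"}

def review_task_creation(event_xml):
    """Return (task_name, command, reasons) for a 4698 event, else None."""
    root = ET.fromstring(event_xml)
    if root.findtext(f"{EVT}System/{EVT}EventID") != "4698":
        return None
    data = {d.get("Name"): d.text or "" for d in root.iter(f"{EVT}Data")}
    name = data.get("TaskName", "")
    # TaskContent carries the task definition as escaped XML; strip its
    # declaration so the parser does not trip over the declared encoding.
    body = re.sub(r"^\s*<\?xml[^>]*\?>", "", data.get("TaskContent", ""))
    if not body.strip():
        return (name, "", ["no task definition logged"])
    task = ET.fromstring(body)
    command = task.findtext(f".//{TASK}Exec/{TASK}Command", default="")
    reasons = []
    if name not in KNOWN_TASKS:
        reasons.append("task not in baseline")
    if USER_WRITABLE.search(command):
        reasons.append("action runs from a user-writable path")
    if task.find(f".//{TASK}LogonTrigger") is not None:
        reasons.append("runs at every logon")
    return (name, command, reasons)

def sample_event(name, command, trigger):
    """Constructed 4698 record for the demo; not taken from a real host."""
    task = (f'<?xml version="1.0" encoding="UTF-16"?><Task xmlns="{TASK[1:-1]}">'
            f"<Triggers><{trigger}/></Triggers>"
            f"<Actions><Exec><Command>{command}</Command></Exec></Actions></Task>")
    return (f'<Event xmlns="{EVT[1:-1]}"><System><EventID>4698</EventID></System>'
            f'<EventData><Data Name="TaskName">{name}</Data>'
            f'<Data Name="TaskContent">{escape(task)}</Data></EventData></Event>')
```

An empty reasons list means the task matched the baseline and raised none of the three checks; anything else is a candidate for analyst review rather than a verdict.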


Lazarus was formally indicted by the U.S. Department of Justice (DOJ) in Feb. 2021, involving an operative of the group linked to a North Korean intelligence organization, the Reconnaissance General Bureau (RGB). Before that, in March 2020, the DOJ indicted two Chinese nationals for aiding in the laundering of more than $100 million in cryptocurrency linked to Lazarus’ exploits.


Sergio Goschenko


Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late to the game, entering the cryptosphere when the price rise happened during December 2017. Having a computer engineering background, living in Venezuela, and being impacted by the cryptocurrency boom at a social level, he offers a different point of view about crypto success and how it helps the unbanked and underserved.

