Lazarus Group is at it again with new malware.
Microsoft and cybersecurity firm Volexity have traced a new version of AppleJeus malware to the hackers behind the Ronin exploit and numerous other online heists.Microsoft reports that a threat actor has been identified targeting cryptocurrency investment startups. A party Microsoft has dubbed DEV-0139 posed as a cryptocurrency investment company on Telegram and used an Excel file weaponized with “well-crafted” malware to infect systems that it then remotely accessed.
The threat is part of a trend in attacks showing a high level of sophistication. In this case, the threat actor, falsely identifying itself with fake profiles of OKX employees, joined Telegram groups “used to facilitate communication between VIP clients and cryptocurrency exchange platforms,” Microsoft“We are […] seeing more complex attacks wherein the threat actor shows great knowledge and preparation, taking steps to gain their target’s trust before deploying payloads.
In October, the target was invited to join a new group and then asked for feedback on an Excel document that compared OKX, Binance and Huobi VIP fee structures. The document provided accurate information and high awareness of the reality of crypto trading, but it also invisibly sideloaded a malicious .dll file to create a backdoor into the user’s system. The target was then asked to open the .dll file themselves during the course of the discussion on fees.
DPRK’s infamous Lazarus Group has developed new and improved versions of its cryptocurrency-stealing malware AppleJeus, marking the regime’s latest attempt to garner funds for Kim Jong-un’s weapons programs.
Österreich Neuesten Nachrichten, Österreich Schlagzeilen
Similar News:Sie können auch ähnliche Nachrichten wie diese lesen, die wir aus anderen Nachrichtenquellen gesammelt haben.
North Korean Lazarus Group Linked to New Cryptocurrency Hacking Scheme – Security Bitcoin NewsCybersecurity firm Volexity also found Lazarus changed the technique to deliver this malware to final users in October, using excel documents to infect third parties and steal cryptocurrency.
Weiterlesen »
North Korea reportedly fires 130 artillery rounds, violating inter-Korean agreementNorth Korea allegedly fired more than 100 artillery rounds into the sea off both its coasts on Monday morning, violating a 2018 agreement.
Weiterlesen »
North Korea executes teenagers for distributing South Korean TV, movies: reportKorean media, citing witnesses, reports that North Korean authorities executed two teens for the crime of watching and distributing South Korean movies.
Weiterlesen »
American Legion in Wasilla honors WWII, Korean War veteransThe post holds its annual dinner every year in early December to loosely align with the anniversary of the attack on Pearl Harbor, which occurred on Dec. 7, 1941.
Weiterlesen »
Dogs that were rescued from South Korean meat farm are ready for adoptionA pair of pups rescued from a South Korean meat farm and later taken in by Anderson Humane, along with a dog from Florida, are ready for adoption from the South Elgin shelter.
Weiterlesen »
Video does not show Korean tourist 'overcharged' at Sri Lankan railway stationMultiple misleading posts on Facebook shared by Sri Lankan users feature a YouTube video by a Korean travel blogger who visited Sri Lanka. The posts claimed the tourist was 'scammed' by train station staff who charged him a higher price when he purchased a ticket to travel from the capital Colombo to the southern Sri Lankan town of Galle. The blogger later clarified that the situation had stemmed from a misunderstanding and that he had not been scammed. The country has revised train fares but had yet to print updated tickets with the new price, instead continuing to use the old ones, a fact corroborated by the railway authorities.
Weiterlesen »