Lazarus hackers strike again

Digital currencies, which are mostly decentralized, always distributed and secured with a cryptographic protocol. Bitcoin was the very first cryptocurrency.

Continue reading

-“href =” https://decentralbox.com/bitcoin-glossar/kryptowaehrung/ “> cryptocurrencies to steal.

The group has targeted cryptocurrencies before, but this time the methodology is different. To remain undetected, Lazarus uses malware that runs in memory instead of from the hard drive. The researchers warn that Lazarus is now using the popular messaging app Telegram as one of its main points of attack – probably due to the large crypto community that can be found there.

This is how an attack works

Security researchers refer to the new initiative as “Operation AppleJeus Sequel”. A further development of the AppleJeus campaign, which was uncovered in 2018 and ran throughout 2019. But one thing remains the same: Campaigns continue to use fake crypto trading companies to attract victims. The bogus companies even have websites with links to equally fake telegram trading groups.

In addition, in one case a Windows system became malicious payload infected that was transferred to the device via Telegram Messenger. Once the system is infected, attackers can remotely access the device and snatch the cryptocurrencies inside. Kaspersky found out a number of these fake crypto trading websites during the research. So far, the researchers have also identified some victims residing in the UK, Poland, Russia and China. Several affected parties have been shown to be crypto companies. The value of the coins that Lazarus stole in this campaign is currently unknown.

According to a UN report released last August, North Korean hackers are believed to have stolen $ 2 billion from hacking foreign financial institutions and crypto exchanges. With the updated tactics for his campaign, Lazarus doesn’t appear to be easing.

–