
Cryptocurrency Exchanges Under Attack by Lazarus Through AppleJeus Malware

It was recently discovered that the Lazarus Group, an infamous North Korean cyber crime ring (supposedly backed by the government), has been targeting cryptocurrency exchanges, fintech companies and even banks with aggressive attacks involving high-value thefts.

Reports from Kaspersky Lab’s Global Research and Analysis Team have indicated that Lazarus has infiltrated an Asian cryptocurrency exchange and is using Trojanized software to steal cryptocurrency. Specifically, the group has been employing a macOS malware known as AppleJeus.


Vulnerability of macOS users


This is the first time the notorious Lazarus Group has been found to target macOS users, who traditionally fall victim to cyber attacks less often than their Windows counterparts. It’s believed that copies of the malware are being downloaded from what seems to be the website of a company that develops cryptocurrency trading software, a site that appears legitimate at first glance. However, after further investigation, researchers have been unable to tie it to a verifiable, legitimate organization, raising serious questions about its validity.


The malware essentially gathers confidential information and details on the host computer, before sending it back to the command and control server. If the attacker deems it worth pursuing, they prompt for an update which installs Fallchill, a Trojan which provides almost unlimited access to the device, allowing information and data theft. From the user’s perspective, it simply seems like a standard software update.

Serious warnings are being issued

Kaspersky Lab seriously advises businesses and individuals alike not to trust code simply on the basis of digital certificates, a seemingly valid company profile and a genuine-looking website, because these can still shield a malicious group seeking to cause serious damage through its attacks.

Businesses in particular are recommended to employ comprehensive and advanced security solutions to protect their networks and infrastructure, and to use multi-factor authentication for significant financial transactions.
