Targeted Attacks Against The Cryptocurrency Industry

Microsoft and cybersecurity firm Volexity have traced a new version of AppleJeus malware to the hackers behind the Ronin exploit and numerous other online heists.
Microsoft reports that a threat actor has been identified targeting cryptocurrency investment startups. A party Microsoft has dubbed DEV-0139 posed as a cryptocurrency investment company on Telegram and used an Excel file weaponized with “well-crafted” malware to infect systems that it then remotely accessed.
The threat is part of a trend in attacks showing a high level of sophistication. In this case, the threat actor, falsely identifying itself with fake profiles of OKX employees, joined Telegram groups “used to facilitate communication between VIP clients and cryptocurrency exchange platforms,” Microsoft wrote in a Dec. 6 blog post.
The attack technique itself has long been known. Microsoft suggested the threat actor was the same one found using .dll files for similar purposes in June and was probably behind other incidents as well. According to Microsoft, DEV-0139 is the same actor that cybersecurity firm Volexity linked to North Korea’s state-sponsored Lazarus Group, using a variant of malware known as AppleJeus and an MSI (Microsoft installer). The United States federal Cybersecurity and Infrastructure Security Agency documented AppleJeus in 2021, and Kaspersky Labs reported on it in 2020.
Related: North Korean Lazarus Group allegedly behind Ronin Bridge hack
The U.S. Treasury Department has officially connected Lazarus Group to North Korea’s nuclear weapons program.
North Korean Lazarus Group is targeting crypto funds with a new spin on an old trick
Cybersecurity analysts have identified North Korean state-sponsored hackers Lazarus Group behind malware that targeted cryptocurrency investment startups in October.
Full article can be read here.

#APT  #Campaign #NorthKorea #Cryptocurrency #Finance #IoCs
