A North Korean based hacking group called Lazarus has apparently deployed a malware recently and is using the MacOS platform for the first time. It seems that the group has bypassed the IT systems of an Asian cryptocurrency exchange platform.
A codename called AppleJeus was used to refer to the hacking operation. The penetration occurred when one of the employees of a crypto exchange downloaded an app from a reportedly legitimate website.
The site claimed to be an organization, which is designing digital currency trading software. The app turned out to be a fake one and the computer of the said employee was infected with a malware.
In fact, the downloaded app had FallChill, a remote Trojan Horse and is known to belong to the Lazarus Group. It dates back to 2016 and was sent to infect live campaigns on the first occasion. The Mac malware was also deployed by the hackers that were strange coming from the group because the malware was concealed in the same cryptocurrency exchange software.
According to some security researchers, the malware could not be seen inside the affected app because the hackers could have changed the update component. However, the key issue is that a valid digital certificate signed the infected app thus enabling it to pass through the security scans.
Hacking Incident Wake-Up Call For All
According to Kaspersky experts, they could not prove the address of the certificate, Cyber Security News wrote. They mentioned that the penetration should be a big lesson for everyone. It should be also a wake-up call for all such businesses that depend on software from third parties.
While Kaspersky Labs did not pinpoint the particular cryptocurrency exchange that was hacked, it did say that many crypto exchanges have incurred huge losses due to malware and hacking activities. Some such recent hacks involved Coinrail, YouBit, Yapizon, and Bithubm.
The post Hacking Group Lazarus Penetrates IT System Of Cryptocurrency Exchange appeared first on OWLT Market.
from OWLT Market https://ift.tt/2PCxwLB
via IFTTThttps://ift.tt/2OlCCL9
No comments:
Post a Comment