North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps

data breach


network threats

AI generated Image

The Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver a previously undocumented version of the AppleJeus malware, according to new findings from Volexity. While the TraderTraitor attacks culminate in the deployment of the Manuscrypt remote access trojan, the new activity makes use of a supposed crypto trading website named BloxHolder, a copycat of the legitimate HaasOnline platform, to deliver AppleJeus via an installer file. The North Korean government is known to adopt a three-pronged approach by employing malicious cyber activity that's orchestrated to collect intelligence, conduct attacks, and generate illicit revenue for the sanctions hit nation.

Source read time: 1 min -

Also offered in: Nederlands

More news for you