Russian Internet security firm Kaspersky Lab announces that North Korea hacked a cryptocurrency exchange with its ‘first’ macOS malware

Hey Ninjas, protecting your funds is crucial. To avoid losing your money, it's better not to download from or visit a site that is unsecured.

Kaspersky Lab, the Russian Internet security firm, has made public that hackers in North Korea, in Asia, have infected a crypto exchange with malware for the world's most successful operating systems, Windows and macOS. This was announced today, August 23rd, 2018.

In the published report, the company discloses that the malware, named “AppleJeus”, was able to enter the systems of an unspecified crypto exchange after an employee downloaded a third-party app recommended by a third party. Kaspersky Lab understands that the downloaded app came from a bogus developer with false security certificates, as part of a significant operation carried out by the North Korean hacker collective Lazarus Group.

Kaspersky Lab claims the purpose of the malware is to steal crypto funds from the exchange, in what marks the latest in a spate of both successful and failed attempts by North Korea in the crypto hacking space.

Kaspersky’s report states that to “ensure that the OS platform was not an obstacle to infecting targets, it seems the attackers went the extra mile and developed malware for other platforms, including for macOS.”

The report also stated:

“A version for Linux is coming soon, according to the website. It’s probably the first time we see this APT group using malware for macOS.”

Talking to Bleeping Computer, Vitaly Kamluk, head of Kaspersky’s GReAT APAC team, said:

“The fact that they developed malware to infect macOS users in addition to Windows users and – most likely – even created an entirely fake software company and software product to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation.”

Ninjas, this ought to be a lesson for every one of us and a reminder to organizations that depend on third-party software. Don't automatically trust the code running on your systems. Neither a good-looking website, nor a solid company profile, nor digital certificates guarantee the absence of backdoors. Trust must be earned and demonstrated. Stay safe.

You can hit us up on Discord anytime to talk about anything related to cryptocurrencies. See you around, Ninjas.
