Yet another piece of malware has reportedly been developed by the North Korean cyber attack group known as Lazarus APT.
What’s interesting about this malware is that it specifically targets Apple Macs while hiding behind several fake crypto firms.
This development didn’t go unnoticed: Patrick Wardle, the Apple Mac security specialist, published a detailed blog post last week describing the nature of the malware.
The malware was initially reported by MalwareHunterTeam the previous day.
The .dmg for Mac (with the malware in it), and the malware alone are both on VT for more than a month, but still 0 detections when last scanned. pic.twitter.com/4ag4WtX1Do
— MalwareHunterTeam (@malwrhunterteam) October 11, 2019
According to Wardle and MalwareHunterTeam, users need to be incredibly careful, since at the time of their publication none of the engines on VirusTotal detected the malware.
Additionally, it appears that the malware is very closely related to malware created by the same Lazarus Group and first detected by Kaspersky Lab last year.
Lazarus APT are using tactics which experts are familiar with
In the same fashion as with the previous strain of malware, the attackers have created a fake crypto company, or a few of them. According to the initial reports, there seems to be more than one, but the one seen most often appears to be “JMT Trading”.
Once the fake crypto company is created, an open-source crypto trading app is also developed and its code is uploaded to GitHub, with the malware carefully concealed within.
Wardle mentioned that open-source security tools and manual detection processes by alerted users should be perfectly capable of detecting the malware. He warned, however, that VirusTotal engines seemed to be missing the malware completely. According to him, the most likely targets of the malware are not users of crypto exchanges, but rather their employees.