Russian internet security company Kaspersky Lab reported that North Korean hackers successfully hacked into an unnamed cryptocurrency exchange using malware known as “AppleJeus”.
According to Kaspersky Lab’s report, the incident took place after an employee unknowingly downloaded a fake app. The app is believed to have come from the Lazarus Group, a North Korean hacker group that posed as a software developer and carried bogus security certificates. Kaspersky also reported that the “AppleJeus” malware is mainly used to steal cryptocurrency funds on both Windows and macOS operating systems.
However, Windows and macOS are not the only operating systems being targeted by hackers in the world of crypto hacking. Vitaly Kamluk, head of Kaspersky’s GReAT APAC, cautioned that a version of the malware designed to attack Linux is coming soon. According to him, it was the first time that this APT (advanced persistent threat) group had used malware for macOS.
He added, “The fact that they developed malware to infect macOS users in addition to Windows users and — most likely — even created an entirely fake software company and software product in order to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation.”
This is not the first time the Lazarus Group has launched such an attack in cyberspace. The group was reportedly responsible for numerous cyberattacks as early as 2007. Back in 2014, the Lazarus Group made headlines when it hacked into the Sony Pictures network, exposing thousands of employees’ personal information as well as internal emails.