MacOS Malware Found On Crypto Website Traced to North Korean Hackers
Per a report from Bleeping Computer, a media platform for technology, some security analysts have found a new malware made for the macOS, and traced to an infamous group of hackers called Lazarus and based out of North Korea. According to the report, the malware was found on a supposed crypto site – unioncrypto.vip – which is purportedly a platform that helps interested participants find opportunities for digital currency arbitrage trading.
The site reportedly does not have any download links but the malware, UnionCryptoTrader, was found on it. Found by malware researcher Dinesh Devadoss, it was discovered that the malware can run remote operations in memory, not expected to be easily done with the macOS like with Windows. This makes it nearly impossible to detect and makes it difficult to carry out any forensic analysis.
Regardless, a researcher and macOS hacker Patrick Wardle was able to do some analysis of the malware package and found that it had “some clear overlaps” with a previous package characteristic of the Lazarus Group, which was found two months ago by MalwareHunterTeam.
This year alone, North Korea has been fingered a few times as backing some attempts at hacking in different parts of the world. Back in August, the U.N. released a report accusing North Korea of enriching itself by $2 billion, via cyber attacks. The country has since dismissed the report.
Image Credits: Pixabay
Gloss