Lazarus Hackers Make Use of Fraudulent Crypto Apps, US Warns

CISA, the FBI, and the US Treasury Department have recently issued a warning that firms in the cryptocurrency and blockchain industries are being targeted by the North Korean Lazarus hacking gang. It seems that the threat actors are using trojanized cryptocurrency applications in this wave of cyberattacks.

The hackers utilize social engineering to persuade employees of crypto firms to download and execute malicious cryptocurrency apps for Windows and macOS.

More Details about the Lazarus Operation

The Lazarus operators use these trojanized tools to obtain access to the victims' computers, distribute malware throughout their networks, and steal private keys, which allow them to conduct fraudulent blockchain transactions and steal crypto assets from the victims' wallets.

The U.S. government has observed North Korean cyber actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs). (…) Intrusions begin with a large number of spearphishing messages sent to employees of cryptocurrency companies—often working in system administration or software development/IT operations (DevOps)—on a variety of communication platforms. The messages often

Read More: https://heimdalsecurity.com/blog/lazarus-hackers-make-use-of-fraudulent-crypto-apps-us-warns/