New-and-improved North Korean malware targets cryptocurrency traders



News New-and-improved North Korean malware targets cryptocurrency traders Researchers identify spread of new AppleJeus variant alongside fake cryptocurrency website run by Pyongyang Ethan Jewell December 6, 2022 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON A physical representation of bitcoin \| Image: Eivind Pedersen via Pixabay North Korea’s infamous Lazarus Group has developed new and improved versions of its cryptocurrency-stealing malware AppleJeus, marking the regime’s latest attempt to garner funds for Kim Jong Un’s weapons programs. Researchers at American security firm Volexity say they uncovered the newest strain earlier this year embedded in trojanized versions of QTBitcoinTrader — a legitimate, open-source cryptocurrency trading application — and in malicious Microsoft Office documents. They also uncovered evidence the hacking syndicate had shifted from distributing the malware in Microsoft Installation (MSI) files to malicious Microsoft Word documents. “This technique seems to reduce static Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Trump return rekindles prospects of North Korea talks, but Russia stands in way 02How China could benefit from North Korea’s troop deployment to Ukraine 03New North Korean ICBM delivers big political message, and likely bigger payloads 04How North Korea-Russia ties will challenge next US president, no matter who wins 05What to make of the stunning collapse in value of North Korean won 06What to know about Kim Yong Bok, the man leading North Korean troops in Russia 07If Trump: How erratic leader’s reelection could scramble North Korea policy 08North Korea’s admission of drone incursion exposes glaring gaps in air defenses

News

New-and-improved North Korean malware targets cryptocurrency traders

Researchers identify spread of new AppleJeus variant alongside fake cryptocurrency website run by Pyongyang

Ethan Jewell December 6, 2022

New-and-improved North Korean malware targets cryptocurrency traders

A physical representation of bitcoin | Image: Eivind Pedersen via Pixabay

North Korea’s infamous Lazarus Group has developed new and improved versions of its cryptocurrency-stealing malware AppleJeus, marking the regime’s latest attempt to garner funds for Kim Jong Un’s weapons programs.

Researchers at American security firm Volexity say they uncovered the newest strain earlier this year embedded in trojanized versions of QTBitcoinTrader — a legitimate, open-source cryptocurrency trading application — and in malicious Microsoft Office documents. They also uncovered evidence the hacking syndicate had shifted from distributing the malware in Microsoft Installation (MSI) files to malicious Microsoft Word documents.

“This technique seems to reduce static

New-and-improved North Korean malware targets cryptocurrency traders

LATEST ANALYSIS

Similar Articles

About the Author

Ethan Jewell