Hello and Good morning guys!!
As now a days, Bitcoin is getting so much popularity and attraction for the investors, it is also attracting blackhats or cybercriminals too. Also North Korea is in talks since it is breaking the rules or threatening the USA for war. One of the group of blackhats named Lazarus has been discovered for shooting designed spearphising campaigns against companies providing cryptocurrency to steal bitcoins.
This group is well known for many attacks held for stealing money from banks and also attacks like WannaCry ransomware and few others. They were also responsible for the hack of $81m of Bangladesh Bank. This malicious group was came in news for the first time with the Sony hack in 2014. As per the research of the security personals at Secureworks, North Korea's Lazarus Group in October had started a campaign of spreading a malicious attractive document advertising for a job opening for CFO role in a Bitcoin company based in Europe. Researchers said that this document had dropped a RAT(Remote Access Trojan).
What is RAT(Remote Administration Tool)?
-> A RAT or remote administration tool, is a software that gives the full control of a device, remotely. The RAT gives the admin privileges to the attacker while the victim even don't know about it. With this access, the person can access the files, use the camera, and even turn on/off the device.
ZDNet, which is a business technology news website published by CBS Interactive, along with TechRepublic. ZDNet had reported that researchers from Secureworks conclude that the trojan used in this campaign by the Lazarus Group is a new form of Trojan which is specially made for such kind of attacks. Senior security researcher at Secureworks says,"The interesting thing here is that the technique and the tactics being used since last summer mark a change in the nature of the lure and the nature of the targeting. Previously, Lazarus used defense-themed lures to target defense organisations, but now they're using bitcoin-themed lures to target financial companies."
This is not the first time that North Korea had shown it's interest in cryptocurrency but it was interested in it since 2013 and they are doing research in it since long time. Secureworks told IBTimes UK,"At that time, the North Koreans were using proxies to mask their originating IP address, but occasionally, those proxies failed, and revealed North Korean actors' true originating IP, which was the same North Korean IP used in previous cyber operations." They also said," Given the current rise in bitcoin princes, CTU suspects that the North Korea's interest in cryptocurrency remains high and is likely continuing its activities surrounding the cryptocurrency. A number of recent intrusion activities against several bitcoin exchanges in South Korea have been tentatively attributed to North Korea. CTU researchers assess that the North Korean threat against cryptocurrency will remain elevated in the foreseeable future."
North Korean hackers arranged an attack against Bithumb which is one of the South Korean's largest cryptocurrency exchanges in the month of June this year. The South Korean's spy agency has evidence with them about that hack and attack and they also considers that the Lazarus Group had hacked another exchange Coinis in the September. Researchers who were inspecting told that the campaign of Lazarus Group is still going on and also suggested that the cryptocurrency companies can have vulnerabilities which can be dangerous to them.
If you found our articles informative and interesting then follow and subscribe us here for our upcoming articles:
facebook: CLICK HERE!!!!!!!!!!
Twitter: @NewAgeInformers
Instagram: @new_age_informers_
As now a days, Bitcoin is getting so much popularity and attraction for the investors, it is also attracting blackhats or cybercriminals too. Also North Korea is in talks since it is breaking the rules or threatening the USA for war. One of the group of blackhats named Lazarus has been discovered for shooting designed spearphising campaigns against companies providing cryptocurrency to steal bitcoins.
This group is well known for many attacks held for stealing money from banks and also attacks like WannaCry ransomware and few others. They were also responsible for the hack of $81m of Bangladesh Bank. This malicious group was came in news for the first time with the Sony hack in 2014. As per the research of the security personals at Secureworks, North Korea's Lazarus Group in October had started a campaign of spreading a malicious attractive document advertising for a job opening for CFO role in a Bitcoin company based in Europe. Researchers said that this document had dropped a RAT(Remote Access Trojan).
What is RAT(Remote Administration Tool)?
-> A RAT or remote administration tool, is a software that gives the full control of a device, remotely. The RAT gives the admin privileges to the attacker while the victim even don't know about it. With this access, the person can access the files, use the camera, and even turn on/off the device.
ZDNet, which is a business technology news website published by CBS Interactive, along with TechRepublic. ZDNet had reported that researchers from Secureworks conclude that the trojan used in this campaign by the Lazarus Group is a new form of Trojan which is specially made for such kind of attacks. Senior security researcher at Secureworks says,"The interesting thing here is that the technique and the tactics being used since last summer mark a change in the nature of the lure and the nature of the targeting. Previously, Lazarus used defense-themed lures to target defense organisations, but now they're using bitcoin-themed lures to target financial companies."
This is not the first time that North Korea had shown it's interest in cryptocurrency but it was interested in it since 2013 and they are doing research in it since long time. Secureworks told IBTimes UK,"At that time, the North Koreans were using proxies to mask their originating IP address, but occasionally, those proxies failed, and revealed North Korean actors' true originating IP, which was the same North Korean IP used in previous cyber operations." They also said," Given the current rise in bitcoin princes, CTU suspects that the North Korea's interest in cryptocurrency remains high and is likely continuing its activities surrounding the cryptocurrency. A number of recent intrusion activities against several bitcoin exchanges in South Korea have been tentatively attributed to North Korea. CTU researchers assess that the North Korean threat against cryptocurrency will remain elevated in the foreseeable future."
North Korean hackers arranged an attack against Bithumb which is one of the South Korean's largest cryptocurrency exchanges in the month of June this year. The South Korean's spy agency has evidence with them about that hack and attack and they also considers that the Lazarus Group had hacked another exchange Coinis in the September. Researchers who were inspecting told that the campaign of Lazarus Group is still going on and also suggested that the cryptocurrency companies can have vulnerabilities which can be dangerous to them.
If you found our articles informative and interesting then follow and subscribe us here for our upcoming articles:
facebook: CLICK HERE!!!!!!!!!!
Twitter: @NewAgeInformers
Instagram: @new_age_informers_
Comments
Post a Comment