Researchers discovered the North Korean Lazarus hackers have been targeting Apple Mac users. The group has been posting fake job advertisements containing malicious files that infect users’ MacBooks.

North Korean Lazarus Hackers Target Mac Users

According to the Business Standard, researchers at ESET, a cyber-security firm, posted a screenshot on Twitter showing fake job listings apparently posted from crypto exchange Coinbase. Lazarus, a hacking group famous for spreading the WannaCry ransomware globally in 2017, posted the job listings. The advertisements sought to recruit an engineering manager, supposedly for Coinbase. The hackers posted the job listings on VirusTotal from Brazil. At first, these appear to be legitimate job postings. However, the researchers learned they contained a signed Mac executable capable of compromising both Intel and Apple Silicon Macs. According to the researchers, this modus operandi is typical of operations of the Lazarus group when attacking Macs.

Malware Affects Both Intel and Apple Silicon Macs

The researchers warned that “malware is compiled for both Intel and Apple Silicon. It drops three files: a decoy PDF document, a bundle, and a downloader.” The report also noted that the Mac malware campaign is new and not part of any previous Mac campaigns executed by the Lazarus group.

Based on the timestamp found on the malicious files, the bundle was signed July 21 and used a certificate issued in Feb. 2022 to a developer named Shankey Nohria. The researchers also noted that the application was not notarised and Apple revoked the certificate on Aug.

The Lazarus group recently made headlines because of the various campaigns it staged against the cryptocurrency world. Last month alone, cyber-security researchers linked the group to the stealing of digital tokens worth $100 million. The digital tokens belonged to Harmony, the crypto startup behind Horizon Blockchain Bridge. The group was also responsible for several large cryptocurrency thefts amounting to more than $2 billion. In addition, reports said that the group also hacked the Ronin Bridge, which caused the loss of more than $540 million.

Cybersecurity Researchers Have Found Attacks Expanding to Apple Users as Well

Initially, those types of attacks were first limited to just Windows users, but ESET cybersecurity researchers have found out that the attacks are now expanding past Windows and into Apple territory as well. The attack campaign is pretty similar for both Windows and Apple users. The Lazarus group would basically try to impersonate Coinbase and reach out to different blockchain developers through LinkedIn and other platforms to offer them a job.

Once Hackers Gain Rapport, They Have Victims Download a Malicious DLL to Infect Their Computer

After a few rounds of the "interview," the attackers would then send the victim a .pdf file that would allegedly contain the position's details. The problem, however, is that this is not a PDF file but rather a malicious DLL that will allow the group to send commands directly to the infected endpoint.

As per researchers, the file is capable of running itself on both Intel and Apple processor-powered Macs. This means that the group is trying to go after not just older but also newer device models.

Lazarus Saw Big Success When They Launched a $600 Million Attack on the Ronin Bridge

A detailed thread was uploaded to Twitter sharing how the malware would drop three different files. The files include the FinderFontsUpdated.app bundle, the safarifontagent downloader, and the "Coinbase_online_careers_2022_07.pdf" decoy. The Lazarus Group is in no way new to the game and has already pulled off several successful digital heists in the past. One of their highlights includes the $600 million attack on the Ronin bridge.

#ESETresearch #BREAKING A signed Mac executable disguised as a job description for Coinbase was uploaded to VirusTotal from Brazil. This is an instance of Operation In(ter)ception by #Lazarus for Mac.