New-and-improved North Korean malware targets cryptocurrency traders
Researchers identify spread of new AppleJeus variant alongside fake cryptocurrency website run by Pyongyang
North Korea’s infamous Lazarus Group has developed new and improved versions of its cryptocurrency-stealing malware AppleJeus, marking the regime’s latest attempt to garner funds for Kim Jong Un’s weapons programs.
Researchers at American security firm Volexity say they uncovered the newest strain earlier this year embedded in trojanized versions of QTBitcoinTrader — a legitimate, open-source cryptocurrency trading application — and in malicious Microsoft Office documents. They also uncovered evidence the hacking syndicate had shifted from distributing the malware in Microsoft Installation (MSI) files to malicious Microsoft Word documents.
“This technique seems to reduce static