North Korean cyber campaign targets blockchain engineers with new macOS malware
Lazarus Group used coding challenge and job offer as lure in sophisticated social engineering scheme, security firm says
North Korean cybercriminals used new macOS malware to target blockchain engineers working for a cryptocurrency exchange platform, posing as fellow engineers on an instant messaging platform, according to a U.S. cybersecurity firm.
Researchers traced the intrusion to an application written in the Python programming language and disguised as a tool designed to profit from cryptocurrency rate differences between various platforms, Elastic Security Labs said in a report published Wednesday.
Citing similarities in techniques, network infrastructure and certificates used to digitally sign applications, the firm attributed the attack to the DPRK’s Lazarus Group.
The campaign’s focus