Alleged North Korea-sponsored cybercrime group Lazarus is still targeting cryptocurrencies and adopting new tactics, according to a new report from cybersecurityand anti-virus company Kaspersky Lab published on March 26.The report reveals that allegedly state-sponsored hacker group Lazarus has been active with a new operation since last November, wherein the group uses PowerShell that allows them to manage and control Windows and macOS malware. The Lazarus team has reportedly developed custom PowerShell scripts that interact with C2 malicious servers and execute commands from the operator.C2 server script names, in their turn, are misrepresented as WordPress files, and other open source projects. Once the malware control session with the server is created, the malware is able to download and upload files, update malware configuration and collect basic host information, among others.Kaspersky notes that the hackers are still targeting systems involved in the cryptocurrency and fintech industries, and advised players in those sectors to exercise caution:
“If you’re part of the booming cryptocurrency or technological startup industry, exercise extra caution when dealing with new third parties or installing software on your systems [...] And never ‘Enable Content’ (macro scripting) in Microsoft Office documents received from new or untrusted sources…”
As previously reported, Lazarus is purportedly responsible for $571 million of the $882 million in cryptocurrency that was stolen from online exchanges from 2017–2018; almost 65 percent of the total sum. Out of 14 separate exchange breaches, five were attributed to the group, among them the industry record-breaking $532 million NEM hack of Japan’s Coincheck.
Earlier in March, Cointelegraph reported that North Korea has reportedly amassed $670 million in fiat and cryptocurrencies by conducting hacking attacks, wherein the hackers attacked overseas financial institutions from 2015 to 2018 and purportedly used blockchain “to cover their tracks.”
Source :Cointelegraph
Post Creator :Ana Alexandre
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://ussanews.com/News1/2019/03/26/report-lazarus-hacker-group-adopts-new-methods-continues-targeting-crypto/
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @souravsx! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :
You can view your badges on your Steem Board and compare to others on the Steem Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOP
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit