New post Need visibility? Apply for a FREE post for your Startup.  Apply Here

MobileNews

North Korean Hackers Now Steal Cryptocurrency Via Telegram – Kaspersky Warns

2 Mins read

Kaspersky, a Moscow-based cyber security firm, has warned cryptocurrency users to expect more attacks from North Korean hackers.

Kaspersky added that North Korean hackers have developed “enhanced capabilities” to deliver malware through Telegram messaging app.

The cyber security firm said that its lab has been analyzing new attacks from the Lazarus Group.

Lazarus group is a cybercrime group that has active links with North Korea.

Kaspersky lab said its analysis is aimed at determining how Lazarus Group’s techniques have developed since the AppleJesus attack on cryptocurrency exchange companies, in 2018.

According to the research paper published by Kaspersky, the cyber security firm said there have been “significant changes to the group’s attack methodology.”

The paper presents a case study which involved a move that appears to be a software update for a fake cryptocurrency wallet. Once the update is downloaded, it begins to transmit user data to hackers.

Another example involves creating a backdoor for Mac software that bypasses security mechanisms without the computer ever being aware it was under attack.

Kaspersky found out a new attack tactics. This tactic involves delivering malware via files distributed on the Telegram messaging app.

Researchers found that several computers download manipulated software, whose origin can be traced to Lazarus group’s website.

These softwares are embedded with malware that would send sensitive data to hackers – without the victim being aware.

Read also: Amidst Rising Tensions, India Bans More Chinese Apps

Many of these channels belong to fake cryptocurrency companies, presumably set up by the hackers themselves.

One of the recently detected fake sites was for a “smart cryptocurrency arbitrage trading platform.

Kaspersky researchers discovered that these websites were usually incomplete and filled with broken links, aside from the ones that took visitors to the Telegram channel.

Kaspersky said it has identified “several victims” from Poland, Russia, China and the U.K., most with links to cryptocurrency businesses.

Lazarus Group, however, has remain a mystery. According to experts, the group runs malware through computer memory, rather than a hard disk drive. This has enabled the group to avoid detection.

Lazarus group is widely believed to be affiliated with North Korea, although, the country has repeatedly denied responsibility for its attacks.

Group-IB – a cyber security firm, has estimated that Lazarus group stole about $600 million worth of cryptocurrency between 2017 and 2018.

Due to the success rate of Lazarus group’s operations, Kaspersky researchers are convinced the group will continue stealing cryptocurrency from unsuspecting victims.

This kind of attack on cryptocurrency businesses will continue and become more sophisticated,” the report says.

In 2019, the U.S. Department for Treasury placed Lazarus group on the U.S. sanctions list, subjecting any financial institution found dealing with the group, to sanctions.

Don’t miss any tech news ever!

We don’t spam! Read our privacy policy for more info.

880 posts

About author
When I'm not reading about tech, I'm writing about it, or thinking about the next weird food combinations to try. I do all these with my headphones plugged in, and a sticky note on my computer with the words: "The galaxy needs saving, Star Lord."
Articles
Related posts
ArticleMobileRandom

How WhatsApp's New Schedule Call Feature Works

1 Mins read
WhatsApp the global microblogging platform in a bid to improve user experience and maintain its place amongst competitors has witnessed series of…
ArticleMobileRandom

iOS 18.1 Release Notes

1 Mins read
While we were still basking in the euphoria of the iOS 18 and all of its exciting features, Apple developers seemed not…
News

Nigerian court orders release of Binance executive after seven months in detention

1 Mins read
Nigeria’s Federal High Court in Abuja has ordered the immediate release of Binance executive, Tigran Gambaryan, following the government’s decision to drop…
Newsletter Subscription

🤞 Don’t miss any update!

We don’t spam! Read more in our privacy policy

Join our Telegram channel here - t.me/TechpadiAfrica

Leave a Reply