Tech 12 months agoCecille de Jesus
ALERT: North Korean hackers are circulating an MS Word document to steal from crypto workers
SecureWorks says the attack is “state-sponsored.”
Beware: even Word documents are not safe.
The same cyber crime group that shook the world with the infamous WannaCry ransomware is on to even more mischief. Information security service firm SecureWorks reported that the Lazarus Group is now circulating a spearphishing scam disguised as a job advert targeting workers in the cryptocurrency industry. The attack has been observed since last year, but attempts as recent as last month have also been seen.
The malware is being circulated through an email of a fake job advert, where a seemingly innocent Microsoft Word document attached to the email reportedly triggers the installation of a “Remote Access Trojan” inconspicuously in the background.
In an interview with Business Insider, SecureWorks senior security researcher Rafe Pilling says the malware assesses whether a particular computer is worth pillaging before possibly downloading more malware to assist in its operations.
“The malware that’s downloaded is the first stage RAT that gives them basic systems survey capability and the ability to download further malware if they find they’ve landed an interesting target,” Pilling said.
It is unclear if the malware has claimed any victims, and if so, how much the damage is. But SecureWorks says the operation is a big one:
“There’s a significant capability behind this threat actor — we’re not talking about five people in a room.”
Pilling believes the campaign was backed by the government, seeing as such operations in tightly controlled North Korea would be practically impossible—unless the government instigated it. The Lazarus Group has also previously been linked to the North Korean government’s operations.
“North Korea is perhaps unique in that there’s such tight control over all forms of communication,” Pilling said. “We don’t believe there’s anything that state organised cyber activity that comes out of that country. We would see it as having some degree of state direction or state approval.”
Note: Tokens in the SegWit chain are referred to as SegWit1X (BTC) and SegWit Gold (SWG) and are no longer Bitcoin. Bitcoin Cash (BCH) is the only true Bitcoin as intended by the original Satoshi white paper. Bitcoin BCH is the only public block chain that offers safe and cheap microtransactions.
Note: Tokens on the Bitcoin Core (segwit) Chain are Referred to as BTC coins. Bitcoin Satoshi Vision (BSV) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BSV is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.
Tech 11 hours ago
New York Media integrates blockchain in publishing platform
New York Media, whose sites include New York Magazine and Slate, is collaborating with Po.et, a blockchain protocol for creative content management. According to a press statement, the partnership will involve integration of blockchain technology ...
Tech 1 day ago
PayPal rolls out blockchain rewards scheme for staff
Payments giant PayPal has become the latest company to deploy blockchain technology, in this case as a means of delivering a new incentive platform for the company’s employees, financial news outlet Cheddar reported. Launched in ...
Tech 1 day ago
Latest Mastercard patent filing covers anonymous blockchain transactions
Prolific patent filer Mastercard has applied for protection of yet another blockchain innovation—a platform that would allow anonymous blockchain transactions, using a somewhat familiar method. In what has been likened to a coin mixing or ...