11-22-2024

Security researchers have identified a new type of macOS malware distributed through a cryptocurrency exchange, with links to a notorious North Korean hacking group.

Security researcher Dinesh Devadoss published a detailed analysis of the malware, explaining how it is disguised as a cryptocurrency arbitrage platform to infiltrate the macOS systems of unsuspecting victims.

The malware works by fetching a payload from a remote server and running it on the host machine, where it runs virtually undetected in the background.

In his analysis, Devadoss says the malware is similar to other types of malware put out by the North Korean hacking group Lazarus, which has been prolific in staging attacks designed to target cryptocurrency holdings.

In an analysis published on Objective-See’s blog, researchers pinned the blame on the North Korean group, after identifying several hallmarks of their attacks in its code.

“Lazarus Group has a propensity for targeting users or administrators of crypto-currency exchanges. And their de facto method of infecting such targets is via fake crypto-currency company & trading applications.”

It added, “Lazarus group continues to target macOS users with ever evolving capabilities. Today, we analyzed a new sample with the ability to remotely download and execute payloads directly from memory.”

The group has already stolen in excess of $570 million in cryptocurrency across five separate attacks, and there are “clear overlaps” between the new malware and other hacks from the group.

The malicious software package is known as UnionCrypto Trader and collects information about user systems to relay to the remote server at reboot, including OS version and serial number.

For the time being, the hack appears harmless, with no malicious scripts being run from the remote server. However, researchers have suggested that this could be a precursor to a bigger attack, or an example of the hacking group testing out new techniques for future deployment.

While macOS hacks are rare, attacks of this kind are beginning to gain traction, with more groups targeting macOS systems to uncover stashes of cryptocurrency to steal.
