A notorious hacking group from North Korea has turned to Telegram for its latest crime spree, after changing the methodology of its attacks.
According to security researchers at Kaspersky, hacking group Lazarus has updated its method of attack to evade detection, with evidence the gang is now taking a more cautious approach to its scamming.
Describing the “improved tactics and procedures” being deployed by the hackers, Kaspersky said it was more difficult than ever to detect malicious scripts and hack attempts from the group.
Lazarus has previously been identified as the source of nefarious activity, with cryptocurrency very much part of its attack strategy. The group uses malicious scripts to compromise its victims, propagating its attacks from one system to the next.
As new attack strategies are identified by security researchers, they become easier to control. But with the latest strategy apparently relying on crypto messaging groups, Kaspersky said this could lead to more victims being caught in their net.
The researchers presented evidence that Lazarus was now using the Telegram app, already popular within the crypto community, to steal cryptocurrency from its unsuspecting victims.
The latest tactics have been named Operation AppleJeus Sequel, following on from Operation AppleJeus which was first uncovered in 2018.
Fake cryptocurrency companies were set up by the hackers, who then created fake Telegram groups linking to their crypto exchanges. Unsuspecting users are then infected with a malicious payload.
Infected systems are then exploited by the group, including to spread its malicious scripts to other users, perpetuating the problem.
The value of losses from the attacks is so far unclear, though the researchers have managed to identify a number of victims, including some based in China, the U.K., Russia and Poland.
North Korean hackers are thought to account for as much as $2 billion in crypto losses each year. With Lazarus now stepping up its attack efforts, this number could continue to grow in 2020.
Cybercrime continues to pose ongoing challenges for the cryptocurrency world, with BTC in particular still the focal point for criminal behavior with crypto.