You are here
Home > News > North Korea now uses fake cryptocurrency companies to break into Mac OS

North Korea now uses fake cryptocurrency companies to break into Mac OS

north korea now uses fake cryptocurrency companies

A research was published on Sunday, indicating that North Korea is sponsoring hackers to attack Apple Macs.

US government and multiple cybersecurity companies reported that North Korea is sponsoring a group called Lazarus. And that they are trying to get into Macs through some fake cryptocurrency software designed by a front company.

Patrick Wardle, Apple Mac’s security specialist and principal security researcher at JAMF, Explained how this hack is executed.

He said that:” the hackers created a fake company with an official website that looks legit. They now present an open-source cryptocurrency app. And put it up on the popular code-sharing site GitHub. A vicious malware is hidden within the code. So that when it is downloaded into an Apple PC, it gives the hackers access into the PC”. The hackers can then do anything they like on the Mac.

READ ALSO: Introduction to Malware: What is it About – Sources, Signs and Impact?

Wardle stated in a blog post: “the ability to remotely execute commands fully gives a remote attacker full and extensible control over the infected Mac OS system.”

However, it was reported that the front company is set up by North Korea. The hackers then contact administrators and cryptocurrency exchange users. Then they ask them to review and test their new app.

With this, they can get lucky and start infecting targets.

North Korea Latest Move

Reports have it that North Korea has been making rounds of efforts to get into cryptocurrency coffers. And they have made some success.

In August, it was reported that it had made as much as $2billion. This was achieved by hacking into both traditional banks and cryptocurrency companies. It seems that some of the money is being used to help the state build weapons of mass destruction.

This recent attack on Mac OS by North Korea comes after a modus operandi that is similar to a former campaign detected by a Russian cybersecurity firm in august 2018.

That same operation was also executed using a front company Celas LLC, which was created to target the cryptocurrency sector.

Wardle, however, reduced tensions by stating that; you do not need to worry about getting infected unless you are an employee at a cryptocurrency exchange.

You can also read:

Follow me

Daniel Segun

Editor-in-Chief at SecureBlitz Media
Daniel Segun is a Content Writer and Editor with over 6 years of experience. When not writing, he's probably busy designing graphics or developing websites.
Daniel Segun
Follow me

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Top