Cryptocurrency exchange hacked by Lazarus Group, says Kaspersky

On 23rd August, the Kaspersky Lab [anti-virus manufacturing company] announced that a cryptocurrency exchange has been infected with malware for both Windows and macOS.

According to Kaspersky Lab, the incident has been reported for the first time. The malware named ‘AppleJeus’ crept into the systems of an anonymous cryptocurrency exchange company after an employee downloaded an application from a genuine looking website.

Kaspersky has now confirmed that the app originated from a fake website created by the North Korean hacker group Lazarus. The name Lazarus has been tied up with the biggest scams and has posed as a major threat for several years. The group is also responsible for hacking banks and other cryptocurrency exchanges all over the world. The malware was induced to get hold of cryptocurrency funds, Kaspersky informed.

Moreover, Kaspersky revealed that the hackers have gone an extra mile and created malware for all operating systems including macOS, ensuring that OS does not pose to be a barrier.

The main targets for the Lazarus have been the South Korean exchanges. There has been a rush of complaints from platforms like Bithumb and YouBit in recent times.

The head of Kaspersky’s APAC team said:

“The fact that they developed malware to infect macOS users in addition to Windows users and – most likely – even created an entirely fake software company and software product in order to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation.”

This is not the first time that the cryptocurrency space has seen hacking threats. Recently the crypto space saw an unusual hacking where PGA servers were compromised and asked for the ransom in Bitcoin [BTC], a report from Golfweek stated.

An investigation conducted by Group-IB revealed that the main targets for online crimes were places like Russia, China, and the United States.

Earlier this year, Remco Verhoef, Founder of network security firm DutchSec, revealed about a macOS malware that impersonated “key people” in the cryptocurrency industry and shared “small snippets” which can be downloaded and a malicious binary was executed on the systems it crept into.