Lazarus E-Commerce Attackers Also Targeted Cryptocurrency
euroinfosec) • April 15, 2021 Get Permission
Fake payment form, which opens in an iFrame element, discovered in Magecart-style attacks attributed to Lazarus (Source: Group-IB)
Hackers with apparent ties to North Korea that hit e-commerce shops in 2019 and 2020 to steal payment card data also tested functionality for stealing cryptocurrency, according to the cybersecurity firm Group-IB.
Group-IB s new report builds on findings published in July 2020 by Dutch security firm Sansec, which reported that malicious infrastructure and in many cases also malware was being used for Magecart-style attack campaigns that had previously been attributed to the Lazarus Group.
Lazarus - aka Hidden Cobra, Dark Seoul, Guardians of Peace, APT38, Bluenoroff and a host of other names - refers to a group of hackers with apparent ties to the Pyongyang-based gov
Lazarus E-Commerce Attackers Also Targeted Cryptocurrency
bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Lazarus Group Targets Freight Logistics Firm
govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Last Updated: 07 April 2021
The United States Government has identified a cryptocurrency malware used by the North Korean government to steal crypto for Pyongyang.
US Agencies Report “AppleJeus” Malware In Detail
A report developed by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department revealed that the crypto-malware called ‘AppleJeus’ was disguised as a legitimate-looking crypto trading software to facilitate cryptocurrency thefts.
First deployed in 2018, AppleJeus has been camouflaged using seven different official-sounding names. The names include Celas Trade Pro, JMT Trading, Union Crypto, Kupay Wallet, CoinGoTrade, Dorusio, and Ants2Whale.
AppleJeus mostly appeared to be from a legitimate cryptocurrency trading company to trick people into downloading it as a third-party application from websites that seemed genuine.
North Korean Group Targets Security Researchers
bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.