The publications are suspended, except for particular events, from 1 to 21 August. In the meantime, we are preparing some news for the second half of the year.
Cybercrime, Lazarus targets blockchain companies with TraderTraitor
Lazarus targets blockchain companies with TraderTraitor. The North Korea’s APT uses spear phishing emails to cryptocurrency firm employees that mimic recruitments for high-paying jobs: Goal: to download the malware
North Korea’s state-sponsored hackers are targeting blockchain companies. It has been denounced by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department. Lazarus (aka APT38, BlueNoroff and Stardust Chollima) used AppleJeus trojanized cryptocurrency applications targeting individuals and companies—including cryptocurrency exchanges and financial services companies—through the dissemination of cryptocurrency trading applications that were modified to include malware that facilitates theft of cryptocurrency. The APT targeted various firms, entities, and exchanges in the blockchain and cryptocurrency industry using spear phishing campaigns and malware to steal cryptocurrency. Intrusions begin with a large number of messages sent to employees of cryptocurrency companies, often working in DevOps, on a variety of communication platforms. The messages often mimic a recruitment effort and offer high-paying jobs to entice the recipients to download malware-laced cryptocurrency applications, named “TraderTraitor.”