07 Dec Researchers Detect New North Korea-Linked MacOS Malware on Crypto Trading Site
Security researchers have discovered new cryptocurrency-related macOS malware believed to be the product of North Korean hackers at the Lazarus Group.
As tech-focused publication Bleeping Computer reported on Dec. 4, malware researcher Dinesh Devadoss encountered malicious software on a website called “unioncrypto.vip” that advertised a “smart cryptocurrency arbitrage trading platform.” The website did not cite any download links, but hosted a malware package under the name “UnionCryptoTrader.”
Linkage to North Korean hackers
According to the researchers, the malware can retrieve a payload from a remote location and run it in memory, which is not common for macOS, but more typical for Windows. This feature makes it difficult to detect the malware and carry out forensic analysis. Per VirusTotal, an online service for analyzing and detecting viruses and malware, only 10 antivirus engines flagged it as malicious at press time.
After conducting an analysis of the newly…