Hackers use new, fake crypto app to breach networks, steal cryptocurrency (December 2022)

The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand "BloxHolder" to install the AppleJeus malware, which is used for initial access to networks and to steal crypto assets.
A new report by Volexity has identified new, fake crypto programs and AppleJeus activity, with signs of evolution in the malware's infection chain and abilities.
Lazarus' focus on cryptocurrency assets is well documented, and the North Korean hackers remain fixed on their goal of stealing digital money, constantly refreshing themes and improving tools to stay as stealthy as possible.
Google discovered in January 2021 that Lazarus was creating fake online personas to target security researchers in social engineering attacks that installed backdoors on their devices.
More recent attacks have turned to spreading trojanized cryptocurrency wallets and trading apps that steal people's private keys and drain their crypto assets.
In April, the U.S. government linked the Lazarus group to a cyberattack on Axie Infinity that allowed them to steal over $617 million worth of Ethereum and USDC tokens.