JAKARTA - North Korea's well-known hacker group, Lazarus Group, is reportedly setting up a crypto trading platform. To launch the operation, the group has registered the domain bloxholder.com, which is to serve as the official website of the cryptocurrency trading service.
The real aim of the plan, however, is to infect crypto users' systems and harvest sensitive data from crypto owners around the world. Once they have obtained the community's passwords and accounts, they launch the malicious phase: stealing cryptocurrency.
Fortunately, the plan was uncovered by Volexity, a cybersecurity company based in Washington DC. Through the bloxholder.com site, Lazarus intends to direct visitors to download an application laced with the AppleJeus malware. The malware is designed to steal passwords and other important user data from the system.
This is not the first time the Lazarus group has used this approach, although its techniques have been updated so that the app obscures and slows down the detection of the malware.
Earlier, in October 2022, Volexity also discovered a similar technique for delivering malware to users. That method used Office documents, specifically spreadsheets containing macros (small programs embedded in a document), designed to install the AppleJeus malware on the victim's computer.
The document, identified under the name "OKX Binance & Huobi VIP fee compound.xls," lists the benefits that each of these exchanges' VIP programs offers at each level.
To reduce this kind of attack, it is recommended to block macro execution in documents, and to investigate and monitor the creation of new scheduled tasks in the operating system so that unidentified tasks running in the background are noticed.
However, Volexity did not say how far this hacking attempt had reached. Lazarus, the North Korean hacker group, was indicted by the US Department of Justice (DOJ) in February 2021; the indictment named operators of the group linked to North Korea's intelligence organization, the Reconnaissance General Bureau (RGB).
Prior to that, in March 2020, the DOJ charged two Chinese nationals with assisting in the laundering of more than 100 million US dollars in cryptocurrency linked to Lazarus's exploits.
The English, Chinese, Japanese, Arabic, and French versions are generated automatically by AI, so there may still be inaccuracies in the translation; please always refer to the Indonesian version as our main language. (system supported by DigitalSiber.id)