Kaspersky Lab reveals today that heightened cyberheist activity by the notorious Lazarus group will give rise to more fake supply chain attacks to deliver ever stealthier infections. The cybergang has also been discovered to have reinforced its financial attack portfolio with malware targeting the MacOS platform.

 

“We have observed how the Lazarus group has constantly evolved—from waging cyber espionage campaigns worldwide to financial attacks against major banks. Last year, we warned that they are not after your data anymore. And indeed, they aren’t. These state-backed attackers are now ramping up the sophistication of their attacks and widening their reach to steal more money and trick the cybersecurity industry,” warns Seongsu Park, Senior Security Researcher in the Global Research and Threat Analysis Team (GReAT), Kaspersky Lab Asia Pacific.

 

Kaspersky Lab researchers have analyzed the forensic details of the new malicious operations of the APT group, which at first glance looked like a supply chain attack. Dubbed AppleJeus, the attack compromised users through the Trojanized trading application, Celas Trade Pro, developed by a legitimate company named Celas Limited.

 

Being Trojanized means infected by a Trojan, a type of malware often disguised as legitimate software. Once activated, Trojans enable cybercriminals to spy on users, steal sensitive data, and gain backdoor access to systems.

 

Researchers found evidence that the heist against South Korea’s Cryptocurrency Exchange CoinIS, which lost almost $2 million USD, was a malicious operation by Lazarus group. Kaspersky Lab’s researcher believes that this cybergang targeted the online wallet of CoinIS’s HTA (Home Trading Application) program user via this supply chain attack. After this, these infamous hackers had to step up their game by using a more sophisticated strategy—faking supply chain attacks to steal cryptocurrency.

 

Researchers looked into the developer of the Trojanized trading application and found that, while the Celas LLC company possesses a valid SSL certificate for signing its software and legitimate-looking registration records for the domain, the address registered in the certificate’s information leads to false locations, at least based on the publicly available information retrieved during the investigation.

 

The high-profile APT group has also developed reconnaissance-module malware with almost the same capabilities whether it is deployed on Windows or on macOS. This type of malware first evaluates whether a device is worth attacking, before infecting it with a Trojan known as Fallchill in the form of a software update. This old but reliable Trojan is another known tool associated with Lazarus.

 

“With major attacks up its sleeves, such as the Bangladesh Bank heist and the WannaCry ransomware, to name a few, the Lazarus group is like a constant presence in the world of cybersecurity and it is getting quite adept at hiding and spreading its evil schemes. The extensive effort it exerts to create malware for the supposedly safer MacOS environment, and the intricate details needed to create a legitimate-looking application and software company, prove it is far from stopping. There are more attacks to come, and we had better be ready because it won’t get any easier,” warns Park.

 

To boost the defenses of consumer devices and company networks from attacks like AppleJeus, Kaspersky Lab suggests being more prudent when choosing third-party vendors. The global cybersecurity company also calls for more caution when trusting legitimate-looking software applications, certificates, and developers.

 

A highly sophisticated solution that enables businesses to detect targeted attacks and other malicious actions through the careful monitoring of network activity, web, and email, like the Kaspersky Anti Targeted Attack Platform, can also provide an added layer of protection against sophisticated financial threats.

 

