Kaspersky Lab reveals today that heightened cyberheist activity by the notorious Lazarus group will give rise to more fake supply chain attacks to deliver ever stealthier infections. The cybergang has also been discovered to have reinforced its financial attack portfolio with malware targeting the MacOS platform.

 

“We have observed how the Lazarus group has constantly evolved— from waging cyber espionage campaigns worldwide to financial attacks against major banks. Last year, we warned that they are not after your data anymore. And indeed, they aren’t. These state-backed attackers are now ramping up the sophistication of their attacks and widening their reach to steal more money and trick the cybersecurity industry,” warns Seongsu Park, Senior Security Researcher in the Global Research and Threat Analysis Team (GReAT), Kaspersky Lab Asia Pacific.

 

Kaspersky Lab researchers have analyzed the forensic details of the new malicious operations of the APT group, which at first glance looked like a supply chain attack. Dubbed AppleJeus, the attack compromised users through the Trojanized trading application, Celas Trade Pro, developed by a legitimate company named Celas Limited.

 

Being Trojanized means infected by a Trojan, a type of malware often disguised as legitimate software. Once activated, Trojans enable cybercriminals to spy on users, steal sensitive data, and gain backdoor access to systems.

 

Researchers found evidence that the heist against South Korea’s cryptocurrency exchange CoinIS, which lost almost US$2 million, was a malicious operation by the Lazarus group. Kaspersky Lab’s researcher believes that this cybergang targeted the online wallet of CoinIS’s HTA (Home Trading Application) program user via this supply chain attack. After this, these infamous hackers had to step up their game by using a more sophisticated strategy: faking supply chain attacks to steal cryptocurrency.

 

Researchers looked into the developer of the Trojanized trading application and found that, while the Celas LLC company possesses a valid SSL certificate for signing its software and legitimate-looking registration records for the domain, the address registered in the certificate’s information leads to false locations, at least based on the publicly available information retrieved during the investigation.

 

The high-profile APT group has also developed a reconnaissance-module malware with almost the same capabilities when deployed into Windows software or on MacOS. This type of malware first evaluates whether a device is worth attacking before infecting it with a Trojan known as Fallchill in the form of a software update. This old but reliable Trojan is another known tool associated with Lazarus.

 

“With major attacks up its sleeves — such as the Bangladesh Bank heist and the WannaCry ransomware, to name a few, the Lazarus group is like a constant presence in the world of cybersecurity and it is getting quite adept at hiding and spreading its evil schemes. The extensive effort it exerts to create malware for the supposedly safer MacOS environment, and the intricate details needed to create a legitimate-looking application and software company, prove it is far from stopping. There are more attacks to come, and we had better be ready because it won’t get any easier,” warns Park.

 

To boost the defenses of consumer devices and company networks from attacks like AppleJeus, Kaspersky Lab suggests being more prudent when choosing third-party vendors. The global cybersecurity company also calls for more caution when trusting legitimate-looking software applications, certificates, and developers.

 

A highly sophisticated solution that enables businesses to detect targeted attacks and other malicious actions through the careful monitoring of network activity, web, and email, like the Kaspersky Anti Targeted Attack Platform, can also provide an added layer of protection against sophisticated financial threats.

 

