Non Cult Crypto News


North Korean malware evades Apple notarization, targets macOS users

The newly discovered malware is interesting for being the first of its kind detected, but it seems to have been a trial balloon.


North Korean hackers seem to have created malware that evaded Apple security checks. The apps seem to be experimental, Apple-focused Jamf Threat Labs researchers say. It was the first time they had seen this technology used to compromise Apple’s macOS operating system, but it will not run on up-to-date systems.

Weaponizing a security weakness

The Jamf Threat Labs researchers found apps with malicious intent that Microsoft’s VirusTotal online scanning service reported as clean. The apps came in variants written in the Go and Python languages and using Google's Flutter framework.

Flutter is an open-source developer kit that enables the creation of multi-platform apps.

Five of the six malicious apps had developer account signatures and had been temporarily notarized by Apple. The researchers wrote:

“The domains and techniques in the malware align closely with those used in other DPRK [Democratic People’s Republic of Korea — North Korea] malware and show signs that, at one point in time, the malware was signed and had even temporarily passed Apple’s notarization process.”

“It’s unclear in this case if the malware has been used against any targets or if the attacker is preparing for a new form of delivery,” they added. They concluded it was “likely testing for greater weaponization.”

The malicious apps had names associating them with cryptocurrency, such as New Updates in Crypto Exchange, New Era for Stablecoins and DeFi, CeFi, and Multisig Risks in Stablecoin and Crypto Assets, which hinted at the hackers’ ultimate target. When New Updates in Crypto Exchange was executed, it opened a modified minesweeper game.


Organized hackers do it best

North Korean hackers have a well-deserved reputation for ingenuity. They were caught exploiting a vulnerability in Chrome in October to steal crypto wallet credentials. Allegations were made the same month that North Koreans had had a hand in developing the Cosmos network Liquid Staking Module.

Source: Jamf

The hackers are highly organized. According to the United Nations, they allegedly take in hundreds of thousands of dollars' worth of cryptocurrency a month and have made approximately $3 billion in the last six years.


This article first appeared at Cointelegraph.com News


Written by Outside Source
