Moscow-based Kaspersky Labs said crypto users should be aware of potential attacks from hackers in North Korea as they develop malware through the popular app Telegram.
Kaspersky said the cybercrime group Lazarus has significantly changed its hacking methodology, using improved tactics dubbed “Operation AppleJeus Sequel” to obtain cryptocurrency.
The cybersecurity firm identified several victims in the UK, Poland, China and Russia, most of which have crypto businesses.
One of these cases involved an update for a fake crypto wallet, through which the hackers managed to transmit user data. Another case involved establishing a backdoor for Mac software without the computer becoming aware of any attack.
“The AppleJeus sequel operation demonstrates that, despite significant stagnation in the cryptocurrency markets, Lazarus continues to invest in cryptocurrency-related attacks by making them more sophisticated,” said Seongsu Park, security researcher at Kaspersky.
“Further changes and diversification of their malware demonstrates that there is no reason to believe that these attacks will not continue to grow in numbers and become a more serious threat,” he added.
Lazarus can avoid detection by running malware in computer memory rather than from a hard disk.
“This kind of attack on cryptocurrency businesses will continue and become more sophisticated,” Kaspersky said.
Group-IB earlier stated that Lazarus stole cryptocurrencies worth almost $600 million in 2017 and 2018.
North Korean hackers managed to steal $2 billion from cryptocurrency exchanges and foreign financial institutions, according to a recent UN report.