According to Kaspersky Lab, the hackers from North Korea managed to hack cryptocurrency exchange using macOS – and Windows-compatible virus “AppleJeus”. This is stated in the report of the company published today on the Secure List.
System of the exchange, whose name was not disclosed, was struck after one of its employees downloaded malware. Cyber security specialists Kaspersky Lab believe that the infected program has been “released” non-existent developer with fake security certificates, which is a North Korean hacker group the Lazarus Group.
Script programs were written with the goal of stealing cryptocurrency from the wallets of traders. In the report, Kaspersky Lab stressed that the attackers had taken additional steps to make the virus immune to the particular methods protect a variety of operating systems, including macOS:
“The program website says that the soon to be released version for Linux. This is perhaps the first time this group uses malware for macOS”.
Usually, Lazarus attacks the South Korean stock exchange. Among the sites affected by the hackers are Bithumb, YouBit and Coinlink.
In an interview with Beeping Computer leading expert of Kaspersky Lab’s Vitaly kamluk commented:
“The fact that they wrote the virus that is compatible with macOS in addition to Windows, and that probably created a fake company and fake program that the virus would go unnoticed by security systems, means that the whole operation must be extremely profitable for them.”
Recall that during the break Bithumb hackers stole digital assets totaling $31 million.
