Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    North Korean Front Company Used to Compromise Mac Users

    AdobeStock_92497295

    Suspected North Korean hackers used a front company to spread a malicious cryptocurrency app to both Windows and Mac users, BleepingComputer reports. The APT known as the Lazarus Group stood up a company called “JMT Trading” that posed as a digital currency trading company. The company had a professional-looking website and Twitter account, which the attackers used to establish credibility and encourage users to download their app.

    The attackers copied the code of the legitimate QT Bitcoin Trader program, added malicious functionality, and marketed it as a new application belonging to JMT Trading. They then placed it as an open-source app on GitHub. Since it was a clone of a legitimate program, it still worked as a cryptocurrency trading app. In the background, however, it gave the attackers complete control over the infected computer. Jamf security researcher Patrick Wardle noted that the malware tricks the user into giving it administrative privileges during the installation process.

    BleepingComputer notes the similarity of this campaign to attacks identified by Kaspersky in August 2018. Those attacks used a different front company to distribute another Trojanized cryptocurrency trading application. That campaign was also attributed to the Lazarus Group.

    According to the US Treasury Department, the Lazarus Group is controlled by North Korea’s Reconnaissance General Bureau (RGB), the country’s primary foreign intelligence service. The group is well-known for conducting financially motivated cybercrime around the world.

    Both nation-state hackers and cybercriminals are well-resourced and capable of launching sophisticated cyberattacks that blend social engineering with technical expertise. New-school security awareness training can enable your users to exercise a necessary degree of caution when downloading programs from the Internet.

    BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/attackers-create-elaborate-crypto-trading-scheme-to-install-malware/

     

    Return To KnowBe4 Security Blog

    Get Your Ransomware Hostage Rescue Manual

    Ransomware Hostage Rescue Manual Cover 2022This 26-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with ransomware. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:

    1. What is Ransomware?
    2. Am I Infected?
    3. I’m Infected, Now What?
    4. Protecting Yourself in the Future
    5. Resources

    Don’t be taken hostage by ransomware. Download your rescue manual now! 

    Get Your Manual

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ransomware-hostage-rescue-manual-0

    Topics: Security Awareness Training, Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews