North Korean Hacker Group Launches Fake Cryptocurrency Trading Site

December 5, 2019, by Marko Vidrih on ALTCOIN MAGAZINE

Computer security specialist Dinesh Devadoss announced the discovery of a computer virus developed by the Lazarus group for the MacOS operating system.

The virus was detected on a fake cryptocurrency trading site with the address “unioncrypto.vip”, which is being promoted as a “platform for arbitrage trading of cryptocurrencies.” At the same time, the virus should automatically start from a remote server when you visit the site and at the moment it is detected only by a small number of antiviruses.

It is reported that the malicious package does not have a signature certificate, so when you start MacOS warns the user about a possible danger. Although the remote server is already running, the virus launch function is not yet active. Perhaps the threat was discovered even before it was put into operation, but it is obvious that the owners of cryptocurrencies should have become the target of the hackers.

Another cybersecurity specialist, Patrick Wardle, said the virus has “explicit intersections” with another malware program also launched by Lazarus.

Earlier in a closed UN report, it was reported that North Korea finances the development of weapons through digital and fiat currencies stolen from banks and cryptocurrency exchanges. Back in the fall of last year, Group-IB announced that a North Korean hacker group had stolen $571 million in cryptocurrencies.

Author: Marko Vidrih