A site for cryptocurrency traders found malware from North Korean hackers from Lazarus



1XBET: 100% Welcome Bonus.
CLICK ON THE BANNER TO REGISTER And CLAIM BONUS INSTANTLY


A site for cryptocurrency traders found malware from North Korean hackers from Lazarus

Am Sure you can learn successful Blogging secrets through me, am also sure you can learn how to make money online with the help of my updates why not leave your email behind let me show you how.

Security researcher Dinesh Devadoss discovered a malware for macOS on unioncrypto.vip that advertises an “intelligent cryptocurrency arbitrage platform.”

UnionCryptoTrader malware contains a postinstall script that installs the vip.unioncrypto.plist daemon. The package does not contain a digital signature, so when you open it, the operating system will issue a warning.

The malware then communicates with the remote command server, which provides it with a payload to execute in the computer’s memory. UnionCryptoTrader collects basic information about the system: serial number and OS version.

The unioncryptoupdater hidden binary is configured to start every time the system reboots.

The threat has a low detection rate, which makes it difficult to conduct forensic analysis. According to the VirusTotal service, at the moment only five anti-virus engines have marked this program as malicious.

The similarity of UnionCryptoTrader with last year’s AppleJeus attack prompted researchers to think that the North Korean hacker group Lazarus was behind its creation.

Then, malware was detected in the IT systems of one Asian cryptocurrency exchange. With the help of the Fallchill Trojan, it hit various operating systems and was intended to steal cryptocurrency.

A site for cryptocurrency traders found malware from North Korean hackers from Lazarus



1XBET: 100% Welcome Bonus.
CLICK ON THE BANNER TO REGISTER And CLAIM BONUS INSTANTLY


Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *