
North Korean hacking group may be behind near-undetectable macOS malware

Lazarus, the infamous North Korean group, may be gearing up to launch another cyber-attack: macOS malware has been discovered that shares similarities with previous Lazarus malware.


Thu, 05 Dec 2019, 03:35 am UTC

The infamous North Korean hacking group Lazarus appears to be on the move again, this time targeting macOS. Bleeping Computer reports that the group may be behind the new macOS malware that was found lurking beneath a fake cryptocurrency trading site.

The malware is notoriously difficult to spot, and only five antivirus products flag it. It was found on the website “”, which offers a “smart cryptocurrency arbitrage trading platform.”

Fortunately, researchers found the malware before Lazarus could stage an attack. The first stage of the hack is an executable binary called “unioncryptoupdater,” which contacts a remote server to launch a payload.

A similar pattern

Although the server itself is active, it is not serving the payload, indicating that Lazarus may have been caught before it could fully launch the operation. The lack of a certificate is another indication that Lazarus was caught before the deed. According to security researcher and macOS hacker Patrick Wardle, this procedure bears an uncanny resemblance to Operation AppleJeus, which was attributed to the Lazarus group.

In September, U.S. President Donald Trump imposed a sanction on three North Korean groups that were supposedly responsible for the various attacks launched against multiple countries and crypto exchanges. The overall revenue that the group has apparently collected has reached $2 billion, which has been used to fund North Korea’s weapons and missile programs.

Countries in the east and west have all been targeted. From India and South Korea to Turkey and Mexico, the group’s hacking activities encompass hundreds of territories. Lazarus gained infamy two years ago when it stole and launched the WannaCry ransom worm from the National Security Agency (NSA) that spread through 150 countries and shut down around 300,000 computers. The U.K. health sector took most of the damage and it’s estimated that the virus cost the industry $112 million, Ars Technica reported.

North Korea contests the accusations

Following Trump’s sanction, North Korea published a statement that refuted the claims. A spokesperson for the ostracized nation called the accusations a “sheer lie.”

“The fabrication of such a sheer lie by the ringleaders of cybercrime and all other crimes is quite an absurd act aimed at re-enacting the same old trick as the Hitler fascist propagandists used to cling to, often saying ‘Tell a lie a hundred times and it will pass as a truth’. Such a fabrication by the hostile forces is nothing but a sort of a nasty game aimed at tarnishing the image of our Republic and finding justification for sanctions and pressure campaign against the DPRK,” the official statement read.

TokenPost

<Copyright © TokenPost. All Rights Reserved. >
