The first malware for Mac systems developed by infamous North Korean hacking group Lazarus has been discovered.
Researchers have fingered the Lazarus group for the destructive attack on Sony Pictures in 2014, as well as more recent financially-motivatedattacks on South Korean cryptocurrency exchanges, a spate of targeted ransomware attacks on corporations in the US and Europe, and multiple raids on banks through the industrys SWIFT system.
All of those attacks have targeted Windows systems, however researchers at Kaspersky Lab have found the groups first known malware targeting Apple macOS computers in the form of a hidden software updater for a seemingly bonafide app aimed at cryptocurrency traders called Celas Trade Pro.
But software was fake and the company behind it appears to have been bogus too, according to Kaspersky researchers.
The macOS malware was discovered while the company was investigating a breach at an unnamed Asian cryptocurrency exchange that its researchers believe was compromised by one of Lazarus malware tools called Fallchill, a remote access tool that US-CERT has filed under its investigation into North Koreas Hidden Cobra hacking activity.
Using a trojanized software updater for an application relevant to cryptocurrency trading was a notable difference to fake Flash Player updates spread through malicious ads aimed at the masses.
In this case, the hackers appear to have only wanted to snag people keen on installing cryptocurrency trading software, in this case Celas Trade Pro from a company claiming to be Celas LLC.
Including malicious code into distributed software and putting that on a website would be too obvious. Instead, the attackers went for a more elaborate scheme: the trojan code was pushed out in the form of an update for a trading application, Kaspersky Lab researchers note.
Celas Trade Pro didnt display malicious behavior and looked like a genuine cryptocurrency trading program developed by Celas, and was seemingly verified with a legitimate-looking digital certificate.
However the researchers found that the macOS installer includes a module that persists after a reboot and contacts a remote server to install more malware.
The malicious Celas Mac software was offered alongside a Windows executable that displayed the same behavior as the Mac malware. The site also flagged a Linux update was coming soon.
The fact that [the attackers] developed malware to infect macOS users in addition to Windows users and most likely even created an entirely fake software company and software product in order to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation, and we should definitely expect more such cases in the near future, Vitaly Kamluk of Kaspersky Lab said in a statement.
For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies.
Read more: Olympic Destroyer destructive malware targets EU bio-weapons research groups
Error: Please check your email address.
Tags trojannorth koreakasperskyMacOSLazarus
More about AppleKasperskyKaspersky LabLinuxMacsSony
- Cryptocurrency price plunge worse than bursting of dotcom ... - September 18th, 2018
- Iran, North Korea and Venezuela turning to cryptocurrency ... - September 12th, 2018
- SEC halts trading in two cryptocurrency products, citing ... - September 12th, 2018
- Cryptocurrency News, ICO Reviews & Blockchain Updates ... - September 9th, 2018
- Cryptocurrency "miners," utilities look for ways to get along ... - August 29th, 2018
- Cryptocurrency: Virtual money, real power, and the fight ... - August 28th, 2018
- Pornhub Now Accepts PumaPay Cryptocurrency - August 27th, 2018
- Cryptocurrency: The unlucky investors who got in at the wrong ... - August 26th, 2018
- cryptocurrency coins Archives - The Industry Spread - August 26th, 2018
- cryptocurrency Archives - Page 6 of 6 - The Industry Spread - August 26th, 2018
- Cryptocurrency investment in SMSF - hallandwilcox.com.au - August 26th, 2018
- How To Choose The Best Cryptocurrency Wallet - Crypto News AU - August 26th, 2018
- Courses | Cryptocurrency Australia - August 26th, 2018
- What Every Investor Should Know Before Buying Cryptocurrency ... - August 26th, 2018
- The biggest cryptocurrency hack in the history of blockchain - August 26th, 2018
- After the Bitcoin Boom: Hard Lessons for Cryptocurrency ... - August 21st, 2018
- Cryptocurrency Rankings | CryptoSlate - August 14th, 2018
- Bitcoin price falls after SEC postpones key ETF decision - August 12th, 2018
- Brokers Cryptocurrency Deals Are Focus of SEC Review ... - August 7th, 2018
- 7 Cryptocurrency Predictions for the Rest of 2018 - August 7th, 2018
- Have a Cryptocurrency Company? Bermuda, Malta or Gibraltar ... - July 31st, 2018
- Bitcoin price live: Latest updates as cryptocurrency ... - July 22nd, 2018
- 2018 Bahamas Blockchain & Cryptocurrency Conference - July 16th, 2018
- Best Cryptocurrency Trading Platform 2018 | Top Crypto ... - July 13th, 2018
- Cryptocurrency: Advantages And Disadvantages Explained - July 12th, 2018
- ATB Coin - The fastest and most secure payment system - June 19th, 2018
- An Illustrated Glossary of Cryptocurrency Slang (Infographic) - June 19th, 2018
- Apollo All-in-One Cryptocurrency - June 3rd, 2018
- Cryptocurrency News, ICO Database, Coin Rankings and ... - May 25th, 2018
- CoinLib - Cryptocurrency prices now - May 21st, 2018
- Cryptocurrency Market Capitalizations | CoinMarketCap - May 4th, 2018
- CryptoCurrency Market , Coin Prices & Charts, Crypto ... - April 28th, 2018
- Nasdaq open to cryptocurrency exchange in future, says CEO - April 27th, 2018
- The 4 Top Cryptocurrency Mining Stocks -- The Motley Fool - April 27th, 2018
- One in five financial institutions consider cryptocurrency ... - April 27th, 2018
- New hacks siphon private cryptocurrency keys from ... - April 27th, 2018
- What Is Cryptocurrency? - dummies - April 21st, 2018
- Cryptocurrency Market Surges to $365 Billion, Start of a ... - April 21st, 2018
- BTCMANAGER | Bitcoin, Blockchain & Cryptocurrency News - April 16th, 2018
- How to keep your cryptocurrency safe - CNET - April 11th, 2018
- How do I report Cryptocurrency Mining income? - TurboTax ... - April 4th, 2018
- When do you report Cryptocurrency investments? - TurboTax ... - April 4th, 2018
- Trading Cryptocurrency in 2018: The Definitive Guide - March 14th, 2018
- How would one operate a Cryptocurrency Mining Pool and ... - March 13th, 2018
- Coinbase cryptocurrency index fund - Business Insider - March 10th, 2018
- Cryptosomniac | Cryptocurrency Price Tracker - Bitcoin & Eth ... - February 24th, 2018
- Cryptocurrencies News & Prices | Markets Insider - February 22nd, 2018
- I started cryptocurrency mining at the end of 2017 and was ... - February 20th, 2018
- Cryptocurrency News - Bitcoin, Ethereum, NEO, ICO startups - February 8th, 2018
- 7 Best Cryptocurrency Exchanges to Buy/Sell Any ... - February 8th, 2018
- Electroneum. The Mobile Cryptocurrency. - February 8th, 2018
- Cryptocurrencies trading | your guide in the world of trading ... - February 5th, 2018
- Robinhood trading app introduces cryptocurrency - money.cnn.com - January 28th, 2018
- Robinhood adds zero-fee cryptocurrency trading and tracking ... - January 28th, 2018
- Cryptocurrency Price Prediction, Comparison, Analysis - January 22nd, 2018
- South Korea's major cryptocurrency exchanges ... - reuters.com - January 13th, 2018
- Bitcoin-crazy South Korea may face a ban on cryptocurrency ... - January 13th, 2018
- Cryptocurrency - IC Markets - January 13th, 2018
- Kodak launches cryptocurrency, stock pops 125% - Jan. 9, 2018 - January 10th, 2018
- The cryptocurrency bubble is strangling innovation | TechCrunch - January 9th, 2018
- Coinschedule - The best cryptocurrency ICOs (Initial Coin ... - January 8th, 2018
- CCN: Bitcoin, Ethereum, ICO, Blockchain & Cryptocurrency News - January 7th, 2018
- Cryptocurrency boom: Why everyone is talking about ripple - January 4th, 2018
- Cryptocurrency stocks holding gains despite bitcoin pullback ... - December 29th, 2017
- MobileCoin: A New Cryptocurrency From Signal Creator Moxie ... - December 16th, 2017
- Cryptocurrency Definition | Investopedia - December 6th, 2017
- '$300m in cryptocurrency' accidentally lost forever due to bug ... - November 10th, 2017
- Amazon might want in on cryptocurrency - mashable.com - November 8th, 2017
- What is Cryptocurrency - earnlite.com - October 26th, 2017
- Cryptojacking Lets Strangers Mine Cryptocurrency With Your ... - October 21st, 2017
- Introduction to Cryptocurrency - CryptoCurrency Facts - October 14th, 2017
- Cryptocurrency Flash Crash Is Said to Draw Scrutiny From CFTC ... - October 7th, 2017
- Cryptocurrency Alternatives to Bitcoin - due.com - October 7th, 2017
- Learn BitCoin and master the world of cryptocurrency - October 7th, 2017
- Almost Every Cryptocurrency Is Tanking Right Now | Time.com - September 7th, 2017
- Cryptocurrency boom stalls as regulators focus on ICOs ... - September 7th, 2017
- Why Marketers Need to Pay Attention to Cryptocurrency -- Now - Entrepreneur - September 7th, 2017
- Opinion: That Floyd Mayweather-backed cryptocurrency is another sign of a bursting bubble - MarketWatch - September 7th, 2017
- Putin-Backed Political Group Advances 'Green' Cryptocurrency Concept - CoinDesk - September 7th, 2017
- First He Beat Up His Girlfriend, Now He's Selling Cryptocurrency With Paris Hilton - Daily Beast - September 7th, 2017