![]() ![]() ![]() Once you're done with your test coins, it is a nice gesture to send them back to the faucets, so they become available to other developers. bitaps.This Malware Analysis Report (MAR) is the result of analytic efforts among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Treasury (Treasury) to highlight the cyber threat to cryptocurrency posed by North Korea, formally known as the Democratic People’s Republic of Korea (DPRK), and provide mitigation recommendations.government partners, FBI, CISA, and Treasury assess that Lazarus Group-which these agencies attribute to North Korean state-sponsored advanced persistent threat (APT) actors-is targeting individuals and companies, including cryptocurrency exchanges and financial service companies, through the dissemination of cryptocurrency trading applications that have been modified to include malware that facilitates theft of cryptocurrency. This MAR highlights this cyber threat posed by North Korea and provides detailed indicators of compromise (IOCs) used by the North Korean government. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. ![]() For more information on other versions of AppleJeus and recommended steps to mitigate this threat, see Joint Cybersecurity Advisory AA21-048A: AppleJeus: Analysis of North Korea's Cryptocurrency Malware at. There have been multiple versions of AppleJeus malware discovered since its initial discovery in August 2018. In most versions, the malware appears to be from a legitimate-looking cryptocurrency trading company and website, whereby an unsuspecting individual downloads a third-party application from a website that appears legitimate. Government has identified AppleJeus malware version-Celas Trade Pro-and associated IOCs used by the North Korean government in AppleJeus operations. In August 2018, open source reporting revealed information about a Trojanized version of a legitimate cryptocurrency trading application on a victim’s computer (Note: identity of the victim was not disclosed). The malicious program, known as Celas Trade Pro, is a modified version of the benign QT Bitcoin Trader application. ![]()
0 Comments
Leave a Reply. |