For the longest time, macOS has been deemed more secure than Windows, as it is less susceptible to malware. However, this long-standing superiority that macOS has over Windows faced a notable challenge today, when hackers from North Korea were able to hack into a cryptocurrency exchange with malware that was developed to target both Windows and macOS systems.
According to a report by Russian internet security company Kaspersky Lab, the “AppleJeus” malware successfully penetrated the great macOS firewall and made its way into the systems of a cryptocurrency exchange when one of its employees downloaded an affected app. To protect the interests of the exchange, Kaspersky did not reveal its name. However, they explained that the “Trojan horse” application originated from a fraudulent developer armed with fake security certificates, and is suspected to be a part of the infamous North Korean hacker collective Lazarus Group.
Kaspersky claims that the malware was deployed in an attempt to rob the cryptocurrency exchange of its funds, which is not very surprising considering the latest spate of hacks – both successful and botched ones – targeted at some of the biggest crypto exchanges in the world.
In the report, they also mentioned that the reason the hackers created malware that targets macOS was to “ensure that the OS platform was not an obstacle to infecting targets. It seems the attackers went the extra mile and developed malware for other platforms, including for macOS.”
To make matters worse, the hackers have no intention of stopping at all. Now that they’ve finally managed to conquer the macOS system, they are shifting their crosshairs to their next target – Linux. According to Kaspersky, “a version for Linux is apparently coming soon, according to the website. It’s probably the first time we see this APT group using malware for macOS.”
In an email interview with Bleeping Computer, the head of the Global Research & Analysis (GReAT) Asia Pacific (APAC) team at Kaspersky Lab, Vitaly Kamluk, said:
“The fact that they developed malware to infect macOS users in addition to Windows users and – most likely – even created an entirely fake software company and software product in order to be able to deliver this malware undetected by security solutions, means that they see potentially big profits in the whole operation.”
South Korea Crypto Exchanges – Hackers’ Favorite Target
This is not the first time that the Lazarus Group has targeted cryptocurrency exchanges – or mainly the ones in South Korea, to be more specific. In the past, they have been known to launch attacks on platforms such as Bithumb, YouBit, and Coinlink.
Two months ago, Bithumb, the world’s sixth-largest cryptocurrency exchange, suffered a devastating hack, with thieves stealing over $30 million worth of cryptocurrencies from its platform. The heist took place on June 20, when the Seoul-based exchange froze all transactions – deposits and withdrawals included – and began transferring funds to cold wallets to prevent further losses.
Although there has been no official confirmation by the exchange, it is suspected that this theft was caused by a hack. This news came just a little over a week after Coinrail, another South Korean cryptocurrency exchange platform, lost more than $50 million – or 30 percent of all of the cryptocurrency tokens the platform was storing.
North Korea And Its Dark Past
North Korea has not been the most well-behaved nation either when it comes to cryptocurrency larceny. Over the past year, Kim Jong-un’s administration allegedly hoarded over $200 million worth of cryptocurrencies, effectively alleviating the repercussions of the various economic and political sanctions from some of the largest superpowers in the world.
In an interview with Radio Free Asia, Priscilla Moriuchi, a former US National Security Agency officer, reported that at least 11,000 Bitcoins were accrued by Kim Jong-un’s regime. Moriuchi, who now works for Recorded Future, a cyber threat intelligence firm, posits that North Korea must have acquired the cryptocurrencies via hacking or mining.