The US government has uncovered one of the tools used by North Korean government to carry out its crypto-related cybercrimes. According to a report published by the authorities, hackers of the Asian government designed a malware known as “AppleJeus” which is used to siphon crypto assets of unsuspecting victims.
The report noted that the malware was designed in such a way that its operations and appearance would convince many that it carries out legitimate operations, and its primary targets were crypto traders. It was also stated that AppleJeus was first launched in 2018 and it has undergone a series of name changes to make it look and sound legit. Some of the names it has been known with are: Celas Trade Pro, JMT Trading, Union Crypto, Kupay Wallet, CoinGoTrade, Dorusio and Ants2Whale.
Details of the report showed that it was a collaborative effort between the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department. The illegal activities of the North Korean government has also been codenamed “HIDDEN COBRA.”
It was highlighted that the attackers operated within a group named “Lazarus group” and they had been able to successfully steal and launder millions of crypto assets since the beginning of last year. Primarily, their targets have been crypto exchanges, financial institutions and individuals who are spread across 32 countries.
North Korea Uses AppleJeus to Beat International Sanctions
According to the report, the group viewed their actions as a way to “circumvent international sanctions on North Korea” as the “applications enable them to gain entry into companies that conduct cryptocurrency transactions and steal cryptocurrency from victim accounts.”
The group was said to have evolved over time and changed its strategy to include the use of “phishing, social networking, and social engineering techniques to get users to download the malware.” In previous times, they only used legitimate crypto platforms to mask their illegal activities.
Any user that suspects his system has been attacked by the AppleJeus malware is advised to “generate new keys or move funds out of compromised crypto wallets, expel affected hosts, run anti-malware scans on infected computers, and notify either the FBI, CISA, or Treasury Department.”
This report comes hot on the heels of a UN report that alleges that hackers of the Asian country stole over $300 million worth of cryptocurrency to help their government pay for its nuclear weapons and ballistic missiles programs.