U.S. Warns Of Lazarus hackers Using Malicious Crypto Apps

A joint report by CISA, the FBI and the U.S. Treasury Department has warned organizations in the crypto and blockchain industry about a new threat posed by the North Korean hacking group Lazarus.

Security agencies found that hackers using trojanized cryptocurrency applications are targeting organizations in these industries.

To carry out the attack, the hackers use social engineering to trick employees of cryptocurrency companies into downloading and running malicious Windows and macOS cryptocurrency apps.

The trojanized tools are then used to carry out various malicious activities, including accessing the target’s computers, spreading malware on their networks, and stealing private keys that allow fraudulent blockchain transactions to be initiated.

Users are tricked into downloading the TraderTraitor Trojan applications. This is an electronic-based, cross-platform utility developed with JavaScript and the Node.js runtime environment.

TraderTraitor cryptocurrency apps used in these campaigns include DAFOM, TokenAIS, CryptoAIS, AlticGO, Esilet and CreAI Deck.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web