According to research published yesterday, the hacking group, Lazarus, is now using fake cryptocurrency trading software, created by a similarly fake front company, Forbes reports. It appears that hackers set up a front company called JMT Trading, and wrote an accompanying open-source cryptocurrency trading app. The code to which was hosted on GitHub. However, here’s where the originality ends. In the code for the JMT Trading software is a piece of malicious code which, according to Mac security expert Patrick Wardle, gives hackers the “ability to remotely execute commands” on a victim’s device. It gives bad actors full control over the infected macOS system, giving attackers the ability to do anything they want, he added. On closer inspection, JMT Trading is just a reapplication of Lazarus’ previous strategies in which it bundles nefarious code with legitimate looking apps. Last year, Lazarus set up a fake trading platform and company called Celas, it was detected by security researchers at Kaspersky Labs. Research posted to Securelist, Kaspersky’s media outlet read: You could say that Lazarus has zero creativity, seeing as it’s just recycling its old hacks, but on the other hand, it could be because its scams are working. Research last year found the North korea-linked hacking group was the most profitable hacking syndicate in the world. Want more Hard Fork? Join us in Amsterdam on October 15-17 to discuss blockchain and cryptocurrency with leading experts.
