The United States government has identified cryptocurrency malware allegedly used by North Korea to steal crypto. Top United States security agencies, namely the FBI (Federal Bureau of Investigation), the Treasury Department, and CISA (Cybersecurity and Infrastructure Security Agency), have all reported that the malware, called AppleJeus, was disguised as legitimate crypto trading software. According to the reports, North Korea used the malware in this disguised form to carry out cryptocurrency thefts.
Agencies in the United States have given detailed reports about AppleJeus
AppleJeus has successfully been disguised under more than seven different official-sounding names. It was first deployed in 2018. Since then, it has been disguised under up to seven different pseudo-official names: Celas Trade Pro, Ants2Whale, Dorusio, Kupay Wallet, Union Crypto, JMT Trading, and CoinGo Trade.
AppleJeus was thus made to look like the software of many legitimate crypto trading companies. The aim of the disguise was to get users to download the malware as a third-party application from unsuspecting sources. In many cases, unsuspecting users downloaded the malware from websites that were themselves unaware of the disguise.
The malware used third-party apps and websites as bait, along with techniques such as social networking, social engineering, and phishing, to get users to download it. Hidden Cobra, a heavily sponsored North Korean cyber unit, is also called Lazarus Group. According to the report, this group is known to have stolen and laundered up to hundreds of millions in crypto since January 2020.
Lazarus Group is a group of hackers that has targeted companies and individuals, mainly in cryptocurrency exchange and financial services. As a result, the group, also called Hidden Cobra, has committed crimes in up to 32 countries across the world. Notable countries that this North Korean hacker group has exploited include Belgium, Argentina, Australia, etc.
North Korea has been running campaigns to fund its nuclear weapons
The North Korean government has long run malicious campaigns that the United States has continuously tried to counter with actionable steps. According to a UN report in 2019, North Korean operators stole up to $2 billion in about 35 cyberattacks in over 12 countries worldwide.
These cyberattacks were carried out on crypto exchanges, banks, and other financial services. In 2020, North Korea tried to fund its nuclear weapons program and its ballistic missile programs by stealing and laundering cryptocurrencies. In recent years, North Korea has been using cryptocurrency to fund the advancement of its nuclear weapons program.