Tag: lazarus
Feds try to block N. Korea’s crypto-cash pipeline
The US Federal Bureau of Investigation (FBI) is conducting an ongoing investigation into the notorious North Korean cybercrime group Lazarus, formerly known as “God’s Apostles”. The group is alleged to have stolen over $800 million in virtual currency. Over the past decade, the Lazarus group has targeted entertainment companies, banks, and pharmaceutical companies both in the US and worldwide. One heist, in particular, is referenced in the court documents, where approximately $41 million worth of virtual money was allegedly stolen from the online casino platform Stake.com and laundered through VCM Sinbad. Sinbad has since been sanctioned by the US Treasury Department’s Office of Foreign Assets Control for its involvement in laundering money from the Stake.com heist, among others executed by Lazarus.
New malware payload evades detection – October 2nd
Crypto firms have been warned about the new Lazarus malware payload, called 'LightlessCan', which easily evades detection. The malware variant has since been used in fake job scams. The 'LightlessCan' malware was discovered on 29 September, while researchers were investigating a fake employment scam attack leveled against a Spanish aerospace firm.
Lazarus Group arises with new malware strategy – August 25th
A new malware strain that gives the location of an infected device has been identified. The Hacker News explains that the malware has one operation: 'Every minute it triangulates the infected systems' positions by scanning nearby Wi-Fi Access points as a data point for Google's geolocation API.' Cyber experts aren't yet clear 'who or what' is interested in the location of an infected device or the motives behind why this specific form of malware was produced.