This hacker group is using Telegram to steal cryptocurrency

The hacker group, Lazarus, is said to be launching a series of crypto-theft campaigns via the Telegram platform.

In fact, this group's operations have been on Kaspersky's radar for some time. But in a recently released report, security researchers said they found evidence that the group had significantly changed its attack methods.

In particular, Lazarus has adjusted the way its malware is delivered to a system, making it easier to illegally extract cryptocurrency from compromised systems while remaining well hidden: the malicious code is loaded and executed in memory instead of being launched from the hard drive as usual.

The team also said that Lazarus is currently using Telegram, an extremely popular messaging application in the cryptocurrency community, as one of its main attack vectors.

Kaspersky named this campaign AppleJeus Sequel. As in many other campaigns, fake cryptocurrency trading companies are the bait used to entice victims. These companies have complete, well-designed trading websites, and the fake Telegram trading groups they link to are equally sophisticated.

For example, one typical infection has been reported: a Windows system was infected with Lazarus malware sent to the device via Telegram. The user inadvertently downloaded the malicious payload and ran it; Telegram itself was not compromised.

After successfully infecting the target system, the attacker has remote access to control the device and can perform a variety of malicious actions, most of which are related to cryptocurrencies.

During the study, Kaspersky found a number of fake cryptocurrency trading websites that were disguised with great sophistication. The image below shows one such fake website, which links to an active Telegram trading group.

[Picture 1: a fake cryptocurrency trading website that links to an active Telegram trading group]

The research team said it has identified several victims of the new attack, mainly from Britain, Poland, Russia and China, most of them organizations and businesses operating in the cryptocurrency-related field.

As of August 2019, Lazarus is believed to have pocketed up to $2 billion through hacks targeting multinational financial institutions and cryptocurrency exchanges.
