This hacker group is using Telegram to steal cryptocurrency
The hacker group, Lazarus, is said to be launching a series of crypto-theft campaigns via the Telegram platform.
Kaspersky has already been tracking this group's operations. In a recently released report, however, its security researchers said they found evidence that the group has significantly changed its attack methods.
Specifically, Lazarus has adjusted the way its malware is delivered to a system, making it easier to illegally extract cryptocurrency from compromised systems while staying well hidden: the malicious code is loaded and executed in memory instead of being launched from the hard drive as usual.
The team also said that Lazarus is currently using Telegram, an extremely popular messaging application in the cryptocurrency community, as one of its main attack vectors.
Kaspersky named this campaign AppleJeus Sequel. As in many other campaigns, fake cryptocurrency trading companies are the bait used to entice victims. These companies have complete, well-designed trading websites, and the links to their fake Telegram trading groups are equally sophisticated.
In one typical reported infection, a Windows system was infected by malware that Lazarus delivered to the device via Telegram. The user inadvertently downloaded the malicious payload and ran it; Telegram itself was not compromised.
After successfully infecting the target system, the attacker gains remote access to control the device and can perform a variety of malicious actions, most of which are related to cryptocurrencies.
During the study, Kaspersky found a number of fake cryptocurrency trading websites with extremely sophisticated disguises. The image below shows one such fake website, which links to an active Telegram trading group.
The research team said it has identified several victims of the new attack, mainly from Britain, Poland, Russia and China, most of them organizations and businesses operating in the cryptocurrency-related field.
As of August 2019, Lazarus is believed to have pocketed up to $2 billion through hacks targeting multinational financial institutions and cryptocurrency exchanges.