Tuesday, 28 May 2024

Crypto News

Kaspersky’s report reveals new tactics used by North Korean crypto hackers

Bitbot gains as Ape Terminal cancels ZKasino IDO

  • North Korean hackers deploying “Durian” malware targeting South Korean crypto firms.
  • The resurgence of dormant hackers like Careto underscores the evolving cybersecurity landscape.
  • Hacktivist groups like SiegedSec escalate offensive operations amidst global socio-political events.

The first quarter of 2024 has proven particularly eventful, with notable findings and trends emerging from the frontline of cyber security. From the deployment of sophisticated malware variants to the resurgence of long-dormant threat actors, the landscape of cyber threats continues to shape-shift, presenting new challenges for security experts worldwide.

A recent report by the Global Research and Analysis Team (GReAT) at Kaspersky made a striking revelation shedding light on the activities of various advanced persistent threat (APT) groups.

The Durian malware targeting South Korean crypto firms

Among the findings made by GReAT is the emergence of the “Durian” malware, attributed to the North Korean hacking group Kimsuky. It has been used to target South Korean cryptocurrency firms and it has a high level of sophistication, boasting comprehensive backdoor functionality.

The Durian malware’s deployment marks a notable escalation in the cyber capabilities of Kimsuky, showcasing their ability to exploit vulnerabilities within the supply chain of targeted organizations.

By infiltrating legitimate security software exclusive to South Korean crypto firms, Kimsuky demonstrates a calculated approach to circumventing traditional security mechanisms. This modus operandi highlights the need for enhanced vigilance and proactive security strategies within the cryptocurrency sector, where the stakes are exceptionally high.

The connection between Kimsuky and the Lazarus Group

The Kaspersky report further unveils a nuanced connection between Kimsuky and another North Korean hacking consortium, the Lazarus Group. While historically distinct entities, the utilization of similar tools such as LazyLoad suggests a potential collaboration or tactical alignment between these crypto-threat actors.

This discovery underscores the interconnected nature of cyber threats, where alliances and partnerships can amplify the impact of malicious activities.

Resurgence of dormant crypto hacking groups

In parallel, the APT trends report reveals a resurgence of long-dormant threat…

Click Here to Read the Full Original Article at CoinJournal: Latest Crypto News, Altcoin News and Cryptocurrency Comparison…