The cybercrime group Lazarus continues its attacks. According to new research from the cybersecurity firm Kaspersky, its hackers are now using the widely popular messaging app Telegram to try to deliver malware.
Despite cybersecurity firms’ efforts, Lazarus has not been unmasked. The group allegedly has links to North Korea, but that country's government strictly denies any responsibility for it. By the estimation of the cybersecurity firm Group-IB, the group stole almost $600 million worth of cryptocurrency in 2017 and 2018. It continues to take in substantial sums to this day, thanks to its smart strategy.
Lazarus runs its malware in computer memory rather than from a hard disk drive. Kaspersky’s experts have been studying the group's techniques to prevent new attacks and infiltrate it, especially after the AppleJeus attack on several cryptocurrency exchanges in 2018. So far, they have determined several ways in which the hackers gain access to computers.
In the first case, the Lazarus group used software updates for a fake cryptocurrency wallet which, once downloaded, transmitted user data to the hackers. In the second case, they devised a backdoor for Mac software that bypassed security mechanisms so effectively that computers couldn’t detect the attack.
Lately, it seems, the group has made several significant changes to its attack methodology. It delivers malware via files distributed on the Telegram app. Experts discovered computers that had downloaded manipulated software. The embedded malware would secretly send data to the hackers, so the victim would never find out about the infiltration.
Kaspersky’s Researchers Fear that the Profitable Attacks Will Continue
They have already identified victims from Russia, China, Poland, and the U.K. Moreover, most of them have some links to cryptocurrency businesses. The cybersecurity firm fears that the assaults will become more sophisticated.
The U.S. Department of the Treasury tried to prevent more damage by adding the Lazarus Group to the U.S. sanctions list in 2019. Any financial institution discovered to have dealings with it will face severe sanctions.