Infamous Apple Mac Hack that Won North Korean Spies $7 Million in Cryptocurrency

January 22, 2020 by Richard M Adrian

North Korean hackers are using fake software to breach the cryptocurrency wallets of macOS users.

The entity responsible for the hacks is the same group believed to have conducted the Sony Pictures system breach. The Lazarus Group, as US intelligence and cybersecurity firms have come to identify the group, is sponsored by the North Korean Reconnaissance General Bureau (RGB).

A Chainalysis report revealed how the hackers pose as legitimate LinkedIn and Telegram profiles, only to execute clean phishing schemes targeting Apple devices.

It isn’t the first time that intelligence firms have linked the Lazarus Group with a cybercrime incident. Following the 2017 WannaCry ransomware attack, Google researcher Neel Mehta posted two code samples: one from the Lazarus Contopee cyber weapon and another from the WannaCry ransomware.

Additionally, another analysis during that year linked the North Korean team of hackers to the 2014 Sony Pictures hack and the $81 million Bangladesh bank heist. 

The hackers are attempting to penetrate Mac computers using fake cryptocurrency software designed by a front firm. Forbes reported how, in 2019, DragonEx lost at least $7 million to the hackers.

This was after the team of cybercriminals created a fake business with a professional website and LinkedIn profiles. The fake business billed WFC wallet as a legitimate version of bitcoin trading software, but it was infected with malware.

Installed versions of the software would open up backdoors on Apple computers, creating a loophole for the hackers to potentially siphon private keys of cryptocurrency wallets. Moreover, the alleged software had key-logging features for harvesting data such as usernames, passwords, and security questions.

The hackers then went on to contact a DragonEx senior executive officer via Telegram. They asked her whether they could do business and requested that she download the WFCWallet. The executive showed no interest in the partnership, but the hackers kept persisting for weeks.

Meanwhile, an unnamed DragonEx employee downloaded and installed the malicious wallet on a company MacBook.

No one knows the reason for the employee’s action, but as it would turn out, the MacBook happened to have private keys for exchange client accounts. This gave the hackers an important piece of data, critical to accomplishing their mission.

From there, they took control of several cryptocurrency wallets and stole Bitcoins, Litecoins and Ripple. The Lazarus hackers were so thorough that they did not leave even a single trace of their attack.

The use of front companies in North Korea's crypto campaigns was initially spotted back in 2018. However, it was not until the DragonEx hack that experts noted just how effective the companies were in closing phishing attempts.

DragonEx described the attack as one of the most elaborate phishing campaigns it had witnessed in history. While recruiting Chainalysis to aid them in investigating the hack, the firm said it was one attack “on another level of sophistication.”

Most sources, including Forbes, believe that the Lazarus Group has been conducting top-notch hacking schemes for at least one decade now. At the beginning of the month, Kaspersky Lab researchers identified a batch of malware that the group was deploying through Telegram.

Meanwhile, it seems that the group was luring Telegram users towards direct installations instead of online target diversion.

[Chart: Data from Chainalysis showing how hackers have been executing crypto exchange attacks over the decade. Chart credit: chainalysis.com]

According to the above Chainalysis report, the number of cryptocurrency exchange hacks was higher in 2019 than in other years: a total of eleven cyber attacks valued at approximately $283 million. However, the total amount of funds lost in 2019 did not surpass figures from 2018. This is because the massive Coincheck breach in 2018 amounted to approximately $534 million.

US intelligence believes that North Korea will continue stealing money to drive the manufacture of weapons. In fact, the US Treasury noted of the Lazarus Group that:

“It was perpetrating cyberattacks to support illicit weapon and missile programs.”

Source: Forbes

 
