Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1643101750553899008#m
R to @TheHackersNews: The link to North Korea comes from Gopuram's co-existence with #AppleJeus, a backdoor attributed to the Lazarus Group.
This group has a recurring focus on the financial industry, which aligns with the targeting of #crypto companies.
Microsoft’s Security Threat Intel team described an attack where a threat actor was targeting cryptocurrency investment companies. Thanks to Microsoft for sharing their analysis and referencing our research about a recent #AppleJeus campaign!
North Korean Lazarus Group Linked to New Cryptocurrency Hacking Scheme - The Lazarus group, a North Korean hacking organization previously linked to crimin... - https://news.bitcoin.com/north-korean-lazarus-group-linked-to-new-cryptocurrency-hacking-scheme/ #departmentofjustice #bloxholder #indictment #applejeus #indicment #security #volexity #lazarus #malware #payload #crypto #theft #data
#Lazarus #APT uses fake #cryptocurrency apps to spread #AppleJeus #Malware
https://securityaffairs.co/wordpress/139290/apt/lazarus-apt-bloxholder-campaign.html
#securityaffairs #hacking
RT @Volexity@twitter.com
.@Volexity@twitter.com details novel tradecraft employed by #Lazarus to deploy #AppleJeus malware using Microsoft Office documents, cryptocurrency applications, and chained DLL side-loading. More details here: https://www.volexity.com/blog/2022/12/01/buyer-beware-fake-cryptocurrency-applications-serving-as-front-for-applejeus-malware/
#lazarus #applejeus #dfir #threatintel
We published a blog #post about #Lazarus. They are still abusing fake cryptocurrency applications but we also identified #maldoc with #macro (an inception of macros). The purpose is to deploy #AppleJeus variants.
From a #reverse point of view, they implemented an uncommon side-loading technique. The malicious DLL is not directly loaded by the IAT of a legit binary, but via a legitimate DLL from the System32 repository. More details on the @volexity blog: https://www.volexity.com/blog/2022/12/01/buyer-beware-fake-cryptocurrency-applications-serving-as-front-for-applejeus-malware/
#CTI #threatintel #threatintelligence
[#Blog] Volexity details novel tradecraft employed by #Lazarus to deploy #AppleJeus malware using Microsoft Office documents, cryptocurrency applications, and chained DLL side-loading. More details here: https://www.volexity.com/blog/2022/12/01/buyer-beware-fake-cryptocurrency-applications-serving-as-front-for-applejeus-malware/
#blog #lazarus #applejeus #dfir #threatintel
U.S. Indicts North Korean Hackers in Theft of $200 Million - The U.S. Justice Department today unsealed indictments against three men accused of working with the... https://krebsonsecurity.com/2021/02/u-s-indicts-north-korean-hackers-in-theft-of-200-million/ #cybersecurityandinfrastructureagency #departmentofhomelandsecurity #neer-do-wellnews #marinechaintoken #ghalebalaumary #jonchanghyok #lazarusgroup #sonypictures #hiddencobra #parkjinhyok #applejeus #wannacry #apt38 #kimil #fbi