Security developments and electronic hacks

avatar

In an exciting security development, Elastic Security Labs revealed an advanced cyber hack suspected to have been carried out by the notorious Lazarus group, which is believed to be based in North Korea.

This attack, known as “REF7001,” represents an innovative use of malware designed specifically for the macOS operating system, called “Kandykorn.”

This malware was designed to target blockchain engineers who participate in cryptocurrency exchanges.

What is striking about this attack is the way the malware was distributed, as the attackers spread it via private messages on the public Discord server, which is unconventional in macOS targeting strategies.

According to researchers at Elastic Security Labs, victims believe they are installing an arbitrage bot, a software tool that enables exploitation of cryptocurrency price differences between platforms.

Upon installation, the “Kandykorn” malware begins communicating with the command and control server using RC4 and executing the planned mechanism.

Instead of actively processing orders, they wait patiently for them.

This advanced method allows attackers to maintain control over compromised systems confidentially.

Details of the Kandykorn attack show its similarity to the Lazarus group's methods, including its proficiency in handling file uploads and downloads, processing operations, and random execution of regular commands.

With these recent events, Elastic Security Labs highlights the advanced tactics used by the Lazarus Group, emphasizing the importance of strong cybersecurity measures to protect against these dangerous threats.


Image Source



0
0
0.000
1 comments
avatar

Congratulations @mr-gabriel! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)

You received more than 900 upvotes.
Your next target is to reach 1000 upvotes.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

Check out our last posts:

Our Hive Power Delegations to the October PUM Winners
Feedback from the November Hive Power Up Day
Hive Power Up Month Challenge - October 2023 Winners List
0
0
0.000