Apple’s macOS has always been deemed more secure than Windows, as it is less susceptible to malware. But the superiority macOS has over Windows faced a notable challenge today, when hackers from North Korea were able to hack into a cryptocurrency exchange with malware that was developed to target both Windows and macOS systems.
Russian internet security company Kaspersky Lab reports that the North Korea-linked Lazarus group went the extra mile by deploying malware for macOS, named ‘AppleJeus’, which successfully penetrated the macOS firewall and made its way into the systems of a cryptocurrency exchange when one of its employees downloaded an affected app. To protect the interests of the exchange, Kaspersky did not reveal its name.
Active since at least 2009 and supposedly backed by the North Korean government, Lazarus is considered the most serious threat to banks. The group is said to have orchestrated a large number of high-profile attacks, including the Sony hack in 2014 and last year’s WannaCry outbreak.
This is not the first time that the Lazarus Group has targeted cryptocurrency exchanges, mainly the ones in South Korea, to be more specific. In the past, they are known to have launched attacks on platforms such as Bithumb, YouBit, and Coinlink. Two months ago, Bithumb, the world’s sixth-largest cryptocurrency exchange, suffered a devastating hack, with thieves stealing over $30 million worth of cryptocurrencies from its platform.
What is still unclear is whether Lazarus was able to compromise Celas and abuse its update mechanism to deliver malware, or if the hackers managed to create “a legitimate looking business and inject a malicious payload into a ‘legitimate looking’ software update mechanism,” thus creating a fake supply chain.