North Korean Hackers Adjust Their Crypto-Stealing Solutions


Once seen as the only form of currency that we can’t steal or break into, cryptocurrency was seen as bulletproof. However, as always happens in this wonderful era of technology, more and more people are finding ways to break the rules.


With people wanting to help themselves to your cryptocurrency volumes, hackers in North Korea have built a bespoke malware for doing just that. If you are someone who uses or values cryptocurrency, it would pay for you to take this into account moving forward.

For years, the Lazarus hacker group have been around and have played a role in terrorizing various online communities. One of their latest viruses, though, is being used to directly pilfer cryptocurrency. 

The existence of the virus was made public by Kaspersky, who identified the new virus in January 2020. Lazarus, seemingly, has started to push a code that will be used to get access to cryptocurrency accounts and steal from them.

This has been ongoing since 2018 when Kaspersky dubbed it “Operation AppleJeus”. The anti-malware firm has announced that Lazarus has started to adjust their malware to make it even more powerful.

One of their most popular viruses, known as UnionCryptoTrader, as well as MarkMakingBot, have become common for cryptocurrency users to have to deal with.

A growing concern for cryptocurrency

It’s become a major issue for the industry, with both Apple and Windows machines being impacted. One common file that is being found is called WFCUpdater, and this has become a common part of the Lazarus malware armory.

Disguised as a wallet updater, this was pushed through a fake website and has since been used by many unfortunate cryptocurrency users. It’s believed that the malware might have been spread by using the popular messenger service Telegram.

One reason that this is believed to be the case is because Telegram groups were found on the fake website distributing the malware. It had a graphical setup that shows the price of Bitcoin across several cryptocurrency exchanges.

The malware has mostly been found in places like Poland, Russia, China, and the United Kingdom. Kaspersky has started working on trying to find a solution to try and stop the spread of the new updated virus becoming possible. 

Whatever route you take, though, we would suggest that you are as vigilant as you can be when using your cryptocurrency. While Lazarus might pose a genuine threat to your safety using cryptocurrency, it does not have to stop you from getting involved.

Be vigilant and regularly check out Kaspersky for more information on what the next step is to prevent yourself from being scammed and/or stolen from.