SlowMist: North Korea’s Lazarus Targets Crypto Industry

Large-scale APT attack

Recently, SlowMist and its partners discovered that North Korea's Lazarus gang is carrying out large-scale APT attacks on the cryptocurrency industry. The attack method is as follows: first, the attacker disguises their identity, deceives the auditor by passing real-person authentication to become a real customer, and then makes a real deposit. Under the cover of this customer identity, at multiple later points of communication between official personnel and the customer (the attacker), the attacker precisely targets official personnel with a customized Mac or Windows Trojan. After obtaining permissions, the attacker moves laterally through the intranet and lurks for a long time to achieve the purpose of stealing funds. Currently, SlowMist has worked with partners to hunt down the domain names and Trojan samples used by the attackers.

#token2049