North Korean Hackers Target Brazilian Crypto Firms: Google Report
![North Korean Hackers Target Brazilian Crypto Firms: Google Report](https://coinspress.com/wp-content/uploads/2023/01/hacker-exploit-1-915x600.webp)
Google Cloud, whose team of cybersecurity professionals is responsible for gathering and analyzing data on potential threats, has just announced an attack on Brazil's cryptocurrency exchanges and fintech companies by a North Korean government-linked collective.
While Chinese government-related hackers prefer to focus on government or energy sector targets in Brazil, the North Koreans traditionally concentrate on aerospace, military, government organizations, and crypto exchanges that are said to be less secure.
Cyberattack Strategy in Brazil
The North Korean hacker group Pukchong (UNC4899) targets Brazilians through the job market, offering fake job positions and tricking people into downloading malware disguised as a Python app used to check cryptocurrency prices.
Other attacks, such as GoPix and URSA, have also targeted Brazilian crypto firms.
Trust Wallet recently advised Apple users to disable iMessage to mitigate a zero-day exploit that would allow hackers to take over their devices.
Broader Implications
Kaspersky's findings point to the use of a new form of malware, called “Durian,” by the North Korean group Kimsuky, targeting South Korean cryptocurrency exchanges.
Our latest APT trends for Q1, 2024 is now live and includes a look at some of the more interesting APT activities revealed during Q1, including Careto APT reappearance, hacktivist activity, and much more.
Full report ⇒ https://t.co/yTe8mxePF1 pic.twitter.com/37N8ZGliZA
— Kaspersky (@kaspersky) May 9, 2024
Among its features, Durian provides comprehensive backdoor functionality. Furthermore, the LazyLoad malware, which is used by Andariel (a subunit of the Lazarus Group), establishes a link between Kimsuky and the Lazarus Group.
These findings underscore the persistent risk posed by government-sponsored cyber attackers targeting vital sectors around the globe.