According to "Kaspersky Lab", the hackers from North Korea had infected cryptocurrency exchange by using malware for macOS and Windows.
The virus appears under the name AppleJeus, as we can see in the report of "Kaspersky Lab". It got in the system cryptocurrency exchanges after downlanding the "infected" app by one of employees. According to experts, the virus used fake security certificates, and a team of hackers from North Koreanamed the Lazarus Group has planned and realized the entire operation.
Experts from "Kaspersky Lab" believe that the AppleJeus virus was created to steal cryptocurrency assets. It is noteworthy that the North Korean cybercriminals have repeatedly broken into the various crypto currency exchanges with varying degrees of success. Tranding platforms of South Korea are particularly suffer because of their actions: recently the Lazarus Group has tried to hack such well-known platforms as YouBit, BitHumb and Coinlink.
The report also said:
"Hackers have spent a lot of time developing viruses for other platforms, including Mac, to make the operating system not to interfere with infectioning of the necessary objectives. Based on the information on the website of the hackers, they will create malware for Linux in the near future. We have never encountered with viruses for macOS from the Lazarus Group".
Vitaly Kamluk director of research center of "Kaspersky Lab" in the Asia-Pacific region explained:
"Hackers have created malware designed for Windows and macOS, but probably they also made a fake company and a fake software to unimpeded delivery of virus through security. The ultimate goal of the whole operation is appropriation of large sums of money credibly"
In July of this year, the research team that engaged in the field of cyber security found a virus for macOS. The main objectives of the virus were users of Slack and Discord. Hackers visited various cryptocurrency chats, presented "key people" and offered to the participants to use the "little scraps of code". When people downloaded and launched the code, which is actually the virus, hackers quickly emptied all of theirs cryptocurrency accounts.