Languagesx
English Deutsch 日本 한국어
Subscribe
Home North Korea hackers launch assault on crypto businesses

North Korea hackers launch assault on crypto businesses

man in hoodie in front of north korea flag
TLDR

  • North Korean hackers target cryptocurrency using vulnerabilities in Apple’s macOS.
  • Hackers bypass security by using falsified Apple Developer IDs and fake PDF files.
  • Experts advise crypto users to be vigilant against suspicious links and downloads.

A new report from Sentinel Labs has uncovered a new North Korean hacking attempt on cryptocurrency and related businesses. With the industry rising to nearly $1.5 trillion in value, it’s becoming an ever larger target for hackers worldwide.

The latest scam follows from previous attacks from North Korea, except this time it involves taking advantage of vulnerabilities in Apple’s macOS.

While the Mac operating system is fairly secure for the most part, the hackers have worked their way around the locked-down OS through technical loopholes.

A major method of getting onto people’s machines is by downloading falsified signed software.

Apple requires that all Mac software is verified under the Apple Developer ID. “Avantis Regtech Private Limited (2S8XHJ7948)” was the one being used, which the Cupertino company has since shut down.

This tactic is similar to last year’s ‘RustBucket’, a multi-staged attack that utilizes the fake piece of software method. Once clicked, it downloads and runs various scripts to begin the multifaceted hack, including displaying a false PDF to the user.

DPRK-based hackers are now using similar methods. The latest hack includes sending a PDF of a paper about hidden risks in Bitcoin.

This is based on a genuine paper, but the website will also begin the domino-like effect of serving the unsuspecting user an application under the same name.

sentinel labs screenshot showing fake pdf (left) and real (right)
Fake PDF (left) and original file (right) Source: Sentinel Labs

The software then opens a downloaded PDF while it gets to work. Payloads with a script to alter macOS security about incoming and outgoing connections are then deployed, as well as manipulating the terminal environment itself.

This is usually hidden from the users’ view, but once altered it can allow the hackers to avoid Apple’s detection software.

Researchers monitoring these types of attacks have said that it has been active for at least the last year. This has included spam calls to those targeted in India.

With consistent hacks stemming from North Korea, it’s best to stay vigilant if you’re within the cryptocurrency space and don’t click any old links you see in your email.

Featured image: Pexels (MEHRAX), Wikimedia Commons

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the gambling and blockchain industries for major developments, new product and brand launches, game releases and other newsworthy events. Editors assign relevant stories to in-house staff writers with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
Joel Loynds
Tech Journalist

Joel Loynd’s obsession with uncovering bad games and even worse hardware so you don’t have to has led him on this path. Since the age of six, he’s been poking at awful games and oddities from his ever-expanding Steam library. He’s been writing about video games since 2008, writing for sites such as WePC and PC Guide, as well as covering gaming for Scan Computers, More recently Joel was Dexerto’s E-Commerce and Deputy Tech Editor, delving deep into the exploding handheld market and covering the weird and wonderful world of the latest tech.

Related News

Criptomoedas Promissoras para 2025: Quais Altcoins Estão em Alta?
marianaeberhard
Kraken
Kraken Debuts Crypto Derivatives Trading in the UK for FCA-Qualified Clients
Elliott Lee
kraken embed
Kraken Launches Embed: Plug-and-Play Crypto Trading for Banks and FinTechs
Elliott Lee
Tangem
Tangem Kicks Off Limited-Time Family Pack Promo: Save 15% and Enjoy Free Shipping
Elliott Lee
Choctaw Casinos Duranr
Cryptocurrency arrives in Choctaw casinos after Bitline deal
Paul McNally

Most Popular Tech Stories

Latest News

Gambling

NFT sports card collecting and betting platform Sorare reportedly on the verge of collapse
Jacob Woodward1 day

There was a time when NFTs were seemingly making all of the headlines with a number of companies jumping knee deep into digital imagery and collectibles. Now, it seems that...

Popular TopicsArrow right.svg

Betting
Betting
Betting
Casino
Casino
Casino
Payments
Payments
Payments
Slots
Slots
Slots
Poker
Poker
Poker
Software
Software
Software

Get the biggest iGaming headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Gambling News

    Explore the latest in online gambling with our curated updates. We cut through the noise to deliver concise, relevant insights, keeping you informed about the ever-changing world of iGaming and its most important trends.

    In-Depth Strategy Guides

    Elevate your game with tailored strategies for sports betting, table games, slots, and poker. Learn how to maximize bonuses, refine your tactics, and boost your chances to beat the house.

    Unbiased Expert Reviews

    Honest and transparent reviews of sportsbooks, casinos and poker rooms crafted through industry expertise and in-depth analysis. Delve into intricacies, get the best bonus deals, and stay ahead with our trustworthy guides.