Lazarus Group Spies set up American Shell Dupe CRIPTO Developers: Report

Silent Push Researchers require that Cyber ​​spies from Lazarus North Korea, set up American Shell under false alias to infect cryptical programmers with malware.

According to recent Reuters reportCyber-Cirber Cybertecing company has identified two companies with shells that can be followed back to North Korean Hacker Group. Researchers claimed that two companies, Blockovas LLC and Softglide LLC were placed in New Mexico and New York or under false personals and addresses.

After further inspection, Reuters revealed that the address was listed for Blockova in Warrenville, South Carolina, South Carolina on Google Maps. Meanwhile, the address of SoftGlide in Buffalou, New York occupied a small tax region. Moreover, the contact persons listed under companies could not be found.

The director of Intelligence threats in Tihim Push, called the “rare example of northern Korean hackers,” he explained that Hackers Lazarus Group would sought to heal users through false jobs with at least three soybeans with at least three soybeans.

Malicious Kybera attacks would use false pseudonis to offer conversations on work for potential cryptos or web developers, which would enable the sophisticated malware that gave a compromise programmers for cryptocurrent.

“Also aim and passwords of developers and credentials that could be used for further attacks on legitimate enterprises,” the best said.

Hackers stand behind these companies are reportedly part of the subgroup in the Lazar Group, which is part of the Scout General Bureau, the Piongiang’s main foreign intelligence agency. Lazarus Group is known for the actors behind some of the greatest crypto hacks in history, including the latest Bibit Hack that resulted in losses of up to $ 1.5 billion.

When asked about these companies for shells and their possible ties towards the North Korean Hacking Group, the New York Department of State refused to comment on companies registered in the state. Meanwhile, the new Mexico Secretary of the State Office told Reuters in the email that there was no way to know about connecting the company with North Korea.

24. April FBI He published a notification of the Domain on the Blockovas site, starting to “as part of the action for law enforcement against northern Korean cyber actors who used this domain for deceptioned individuals with false jobs and distribute malware.”