North Korean Hackers Deploy New Malware “Durian” to Target South Korean Crypto Firms

Hanzin

North Korean Hackers Use New Malware “Durian” to Target South Korean Crypto Firms

A recent report from cybersecurity firm Kaspersky reveals that North Korean hackers, specifically the Kimsuky group, are using a notable new malware variant called “Durian” to carry out attacks on South Korean cryptocurrency companies. The attacks, identified as persistent, exploit legitimate security software used only by crypto firms in South Korea.

Previously unknown to the cybersecurity community, the Durian malware functions as an installer that distributes a number of malware, including a backdoor called “AppleSeed”, a special proxy tool called LazyLoad, and other legitimate tools such as Chrome Remote Desktop sees. Kaspersky states that Durian has extensive backdoor functionality that allows the execution of transmitted commands, the downloading of additional files and the exfiltration of data.

Interestingly, Kaspersky also discovered that LazyLoad, the proxy tool used by Durian, was previously associated with Andariel, a subgroup of the North Korean hacking consortium Lazarus Group. This suggests a potential connection between Kimsuky and the more notorious Lazarus Group.

In 2023 alone, Lazarus was responsible for theft of over $309 million; this accounted for approximately 17% of the total funds stolen that year. According to a report by cybersecurity company Immunefi, cryptocurrencies worth more than $1.8 billion have fallen victim to hacks and exploits throughout 2023.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

  • bitcoinBitcoin (BTC) $ 92,890.00 1.84%
  • ethereumEthereum (ETH) $ 3,251.17 1.49%
  • tetherTether (USDT) $ 0.999851 0.05%
  • xrpXRP (XRP) $ 2.30 0.99%
  • bnbBNB (BNB) $ 685.62 1.11%
  • solanaSolana (SOL) $ 187.67 3.84%
  • dogecoinDogecoin (DOGE) $ 0.320909 4.98%
  • usd-coinUSDC (USDC) $ 0.999993 0.06%
  • cardanoCardano (ADA) $ 0.910865 2.55%
  • staked-etherLido Staked Ether (STETH) $ 3,250.68 1.37%
  • tronTRON (TRX) $ 0.241404 3.17%
  • avalanche-2Avalanche (AVAX) $ 36.37 3.06%
  • suiSui (SUI) $ 4.74 1.03%
  • wrapped-stethWrapped stETH (WSTETH) $ 3,872.78 1.78%
  • the-open-networkToncoin (TON) $ 5.19 2.06%
  • shiba-inuShiba Inu (SHIB) $ 0.000021 0.9%
  • chainlinkChainlink (LINK) $ 19.65 3.8%
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 92,737.00 2.04%
  • stellarStellar (XLM) $ 0.396829 3.31%
  • hedera-hashgraphHedera (HBAR) $ 0.269640 4.15%
  • polkadotPolkadot (DOT) $ 6.63 1.17%
  • wethWETH (WETH) $ 3,253.50 1.34%
  • bitcoin-cashBitcoin Cash (BCH) $ 421.52 2.77%
  • leo-tokenLEO Token (LEO) $ 9.04 0.04%
  • litecoinLitecoin (LTC) $ 103.37 2.55%
  • uniswapUniswap (UNI) $ 12.70 2.34%
  • bitget-tokenBitget Token (BGB) $ 6.35 0.61%
  • pepePepe (PEPE) $ 0.000017 3.06%
  • hyperliquidHyperliquid (HYPE) $ 19.77 14.37%
  • wrapped-eethWrapped eETH (WEETH) $ 3,439.06 1.31%
  • nearNEAR Protocol (NEAR) $ 4.99 1.9%
  • ethena-usdeEthena USDe (USDE) $ 0.997761 0.14%
  • usdsUSDS (USDS) $ 0.997779 0.23%
  • internet-computerInternet Computer (ICP) $ 10.23 6.3%
  • aptosAptos (APT) $ 8.68 3.39%
  • aaveAave (AAVE) $ 281.74 3.35%
  • mantleMantle (MNT) $ 1.15 4.89%
  • mantra-daoMANTRA (OM) $ 3.98 0.7%
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.451050 1.21%
  • crypto-com-chainCronos (CRO) $ 0.138555 4.14%
  • ethereum-classicEthereum Classic (ETC) $ 24.94 0.85%
  • render-tokenRender (RENDER) $ 7.10 5.21%
  • bittensorBittensor (TAO) $ 444.39 4.29%
  • vechainVeChain (VET) $ 0.044344 0.6%
  • moneroMonero (XMR) $ 192.55 2.41%
  • tokenize-xchangeTokenize Xchange (TKX) $ 43.05 1.02%
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 1.31 1.82%
  • daiDai (DAI) $ 1.00 0.1%
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 3.18 12.26%
  • arbitrumArbitrum (ARB) $ 0.752904 4.46%