North Korean hackers are using new malware to attack South Korean crypto exchanges: Durian Malware 

North Korea’s state-backed hacking group is using a new malware called “Durian” to attack the top South Korean crypto platforms.

North Korea favours cryptocurrency because it helps the country get around sanctions and make money. It has been involved in cyber attacks on cryptocurrency exchanges and in mining to support its government, which complicates matters for global finance. Some big hacking groups in the country are backed by the North Korean government, and these attackers conduct cyber attacks for ransom money.

According to the latest report by cybersecurity firm Kaspersky, the North Korean hacking group Kimsuky developed a new malware to target crypto exchanges. This new malware is known as “Durian”.

With the help of this new malware, hackers can easily conduct a series of targeted attacks. 

So far, these hackers have used this malware against South Korean crypto exchanges. It is worth noting that South Korea is a very big enemy of North Korea, although the two countries were part of a single jurisdiction in the past.

The investigation found that the new malware, Durian, works like a tool that keeps installing more malware on a computer. This includes a backdoor called “Appleseed,” a special tool called LazyLoad, and some regular tools like Chrome Remote Desktop.

Alongside the Kimsuky hacking group, there is another North Korean state-backed hacking group, Lazarus, which is known for several cyber attacks against crypto platforms.

According to reports, from 2022 to 2023, the majority of the hacking attacks on the DeFi crypto exchanges were conducted by the Lazarus group.

In April of this year, popular crypto detective ZachXBT reported that the Lazarus group successfully managed to launder more than $200 million in cryptocurrency, which it obtained unlawfully between 2020 and 2023.

According to a report, the Lazarus group stole a total of nearly $3 billion worth of crypto assets in the last 6 years. The North Korean government uses the stolen funds in its missile programs.
