Other Aug 01, 2020

Kaspersky cybersecurity firm warns of new ransomware developed by North Korea

Multinational cybersecurity provider Kaspersky has announced that the notorious North Korean crypto-criminal group Lazarus is planning to release new ransomware.

Kaspersky is researching a new method of attacks

The new threat, called VHD, is designed to combat the internal networks of companies in the economic sector. As to why a group of ransomware often resorted to working alone, Kaspersky researchers expressed their hypothesis:

``We can only guess at the reason why they are now conducting single operations: perhaps they find it difficult to interact with the world of cybercrime, or perhaps they feel that they can no longer afford to share their profits with third parties.``

Phishing for crypto-sensitive data

It was reported that the infamous North Korean ransomware group Lazarus has several tricks. In fact, according to Cybirma CyberSecurity, Lazarus is preparing a huge phishing campaign targeting at least 6 countries, more than 5 million businesses and individual investors.

A report on the insidious scheme was released in June. There is currently no indication that a phishing campaign is unfolding, as it appears that the extortion group has not yet launched a massive phishing campaign.

In the past, a North Korean ransomware group operating under Lazarus has made a big impression on cybersecurity companies, accumulating more than $ 571 million in stolen cryptocurrencies since 2017. Lazarus is notorious for hacking cryptocurrency exchanges and continuing to keep them under control until the buyout.

Last year, according to Chainalysis, Lazarus carried out a digital Heist that amounted to $ 7 million in various cryptocurrencies.

Extortionists found the DragonEx cryptocurrency located in Singapore. To implement the scheme, Lazarus created a fake trading bot site that was offered to employees of the DragonEx exchange.

A North Korean criminal organization used a sophisticated phishing attack when a real website and related social networks were linked to a fake company called ``Proof of WFC``. The defunct company was said to have created a Worldbit-bot, a trading robot that was then offered to DragonEx employees.

Finally, malicious software was installed on a computer with the private key of the DragonEx hot wallet, allowing a North Korean group to steal cryptocurrencies from the Singapore exchange.

Korea: military training or cybercriminals?

Preventing financial theft has been a constant problem for the longest time.

With a series of money-related attacks leading to a subsequent UN investigation last year, speculation continues to circulate around law enforcement agencies that the Democratic people's Republic of Korea (DPRK) may be actively involved in coordinating cyber attacks, as they are reportedly training cybercriminals to identify and launder stolen funds stolen from financial institutions.

SPACEBOT

Author of the article

Registration on SPACEBOT is available only via the referral link which you can get after bonding 100 coins to the pool.

In order to get the link through the Telegram bot:
1. Send 100 coins to the wallet given by the bot: Wallet – Deposit
2. Bond 100 coins to the pool: Wallet – Deposit for paramining
3. Skip to ‘Affiliate program’ section and copy your referral link
4. Now you can share your referral link and invite new users

In order to get the link through iOS/Android:
1. Send 100 coins to the wallet given by the App: Home screen – Refill
2. Bond 100 coins to the pool: Home scren – Bond
3. Skip to ‘Affiliate program’ section and copy your referral link
4. Now you can share your link and invite new users

To install the App

1. Follow the link:

https://apps.apple.com/ru/app/spacebot/id1498907599

2. Сlick ‘Install’ and follow the standard steps to install the App on your device

3. If you are a new user – press ‘Register’ (you need to indicate your inviter; find your inviter`s ID or get a referral link in the ‘How to register a new user’ section)

4. If you already have your SPACEBOT Telegram account you need to link it to email. You may find how to do it in ‘How to link email to your SPACEBOT account?’ section.

To install the App:
1. Follow the link:

https://play.google.com/store/apps/details?id=space.bot.mobile

2. Press ‘install’ and follow the standard steps to install the App on your device.

3. If you are a new user – press ‘register’ (you need to indicate your inviter; find your inviter`s ID or get a referral link in the ‘How to register a new user’ section)

4. If you already have your Telegram SPACEBOT account you need to link it to email. You may find how to do it in ‘How to link email to your SPACEBOT account?’

Top up your balance with Telegram bot:
1. Go to ‘Wallet’ section
2. Press ‘Deposit’
3. Copy the wallets sent to you (be careful not to copy extra symbols)
4. Transfer coins to the copied wallet adress

Top up your balance with iOS/Android App:
1. Press ‘Top up’ on the mail screen
2. Copy the wallets sent to you (be careful not to copy extra symbols)
3. Transfer coins to the copied wallet adress

* Track transaction on the blockchain:
PRIZM – https://prizmexplorer.com
BIP/BTT – https://explorer.minter.network

**Please note that depositing of coins requires certain number of confirmations in the network and it takes time to process a transaction with our algorightm

***Also note that many exchanges and wallets services carry out transfers with delay (on some exchanges it can take up to 72 hours), and you shouldn`t worry since this is a stadard procedure.

For bonding coins to the pool with Telegram bot:

1. Top up your balance (you will find how to do that in ‘How to top up your balance’ section).
2. Skip to ‘Wallet’ section
3. Press ‘Deposit for paramining’
4. Enter the amount*, note that this amount should be available in your main account
*For the first bonding: no less than 100 coins
For the second and subsequent bondings: at least 1 coin.
5. Confirm the amount, and the bot will send you a notification about the successful bonding (or ‘error’ will appear in case you have insufficient funds or the amount was entered incorrectly).

For bonding coins to the pool with iOS/Android App:
1. Chose the cryptocurrency on mail screen by scrolling to the left (PRIZM/BIP/BTT)
2. Once you`ve chosen the coin press ‘Bond’ on home screen
3. Enter the amount*, note that this amount should be available in your mail account
*For the first bonding: not less than 100 coins
For the second and subsequent bondings: at least 1 coin.
4. Confirm the amount, and the bot will send you a notification about the successful bonding, and your balance in the ‘Bonded’ field will change (or ‘error’ will appear in case you have insufficient funds or the amount was entered incorrectly).

**Attention! The first bonding of coins will take 24 hours, and only then the mined coins will be assessed.
The second and subsequent bondings will take 48 hours. It means that after the second bonding to the pool the mined coins will be assessed in 48 hours.

Load More