Targeting of users of cryptocurrency applications

Date of report

December 2022

Affiliations

Lazarus Group

North Korean hacking group Lazarus created a fake brand called BloxHolder to spread fake cryptocurrency apps that would infect users with AppleJeus malware to steal money and cryptocurrency. The campaign was active from June to at least October 2022.

Suspected victims

Cryptocurrency applications

Suspected state sponsor

Korea (Democratic People's Republic of)

Type of incident

Financial Theft

Target category

Private sector

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

Buyer Beware: Fake Cryptocurrency Applications Serving as Front for AppleJeus Malware
Hackers use new, fake crypto app to breach networks, steal cryptocurrency

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events