Recent Lazarus campaign leveraged Crypto App to spread AppleJeus malware

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

The Lazarus Group threat actor was noticed employing fake cryptocurrency apps as a ruse to transmit a previously unidentified version of the AppleJeus malware masquerading as malicious Microsoft Office documents. AppleJeus was initially discovered in 2018 and was primarily intended to collect information about the infected system and download shellcode from a command-and-control (C2) server.