Critical Vulnerability: Apple Users Are at Risk, This Method Will Hurt A Lot

cryptocurrency System security is extremely important for investors because wallets are stored on devices. If your computer or phone is hacked, your cryptocurrency wallet can be easily emptied. Moreover, investors are targeted with applications that cannot be detected by anti-virus software and even appear to be Apple-approved.

Apple Vulnerability

Jamf Threat Labs researchers, who monitor Apple systems and issue security alerts, have discovered new malware that can bypass security controls. Of course, the source of this malware is again North Korea. We have written many times that North Korea trains public hackers and finances its nuclear program by working with them.

The team wrote the following about the attack, which can be described as the first of its kind in today’s malware analysis;

“Jamf Threat Labs discovered malware samples believed to be linked to the Democratic People’s Republic of Korea (DPRK), also known as North Korea, that evaded scans to detect malicious code due to obfuscation techniques used to hide from various controls. JTL is taking a deep dive into how the malicious code works to stay alert to this potentially new method of targeting macOS devices and users.

The discovered malware appeared in three forms. A Go variant, a Python variant built with Py2App, and an app built with Flutter.”

Investors Should Be Careful

Interesting game published on GitHub. The attackers who use malicious versions of the applications as traps for their victims are very professional. VirusTotal Under normal circumstances, it sends the file you upload to many antivirus databases and examines it. By performing simultaneous scanning of Kaspersky, Avira and other security applications, it allows users to use safely relevant applications with a “zero malware detection” warning.

But there is a question here. There are techniques that complicate the code structure and make it difficult to read malicious codes. With special examination, malicious software hidden with this method can be detected. However, during the period when anti-virus companies have not yet entered the special examination process, these viruses seem to be clean for periods of 1 week and 10 days.

In fact, when work is targeted and not scanned too much, the “privacy shield” of these viruses can remain on them for a longer time. This is called FUDing or encryption of the virus. So, even if you use premium antivirus, you may not be able to detect the malware you are running. Moreover, in the new method, the trust of the victims is gained as the information that these applications have been signed by Apple is incorrectly displayed.

Therefore, it is recommended to use a hardware wallet as much as possible and to frequently examine your data output alongside anti-virus software to see if there are any internal leaks. wireshark Or, with more advanced applications, you can examine your data packages and monitor whether there are any leaks or abnormal data movements.

The best security measure is to avoid installing applications on your devices as much as possible and to understand that anything more than reliable applications from reliable companies is always a risk for you.

The security team lastly mentioned the following details in their blog post:

“Malware stablecoinNew Era for ‘s and DeFiCeFi and Multisig Risks in Stablecoin and Crypto Assets cryptocurrency They had names associated with the unit, hinting at the hackers’ ultimate target.

North Korean hackers have a well-deserved reputation for creativity. In October, they were caught exploiting a vulnerability in Chrome to steal crypto wallet credentials. Same month, Cosmos $6 Allegations were made that North Koreans had a hand in the development of the Liquid Staking Module. According to the United Nations, hackers are highly organized and allegedly take hundreds of thousands of dollars worth of cryptocurrencies a month, making nearly $3 billion in the last six years.”