Fake Crypto Platform Distributes North Korean MacOS Trojan

It has been a while since a new strain of malware was linked to cryptocurrencies. In the case of this particular Trojan, it was hosted on a fake cryptocurrency trading platform.

The Trojan was originally identified earlier this week by Dinesh Devadoss, a malware researcher.

A new MacOS Malware Surfaces

It has not been officially named at this point, but the payload has become apparent.

The Trojan distributes the mach-O executable file, which will allow it to pose serious problems to any computer it infects.

The worrisome part is how there have not been any public detections of the MacOS malware to date, mainly due to there being no reports.

What is even more remarkable is how this MacOS malware is linked to Lazarus, a North Korean hacking collective.

Although it is not officially confirmed those appear to be the preliminary findings of this research 

As far as the distribution of the malware is concerned, it was initially discovered on the UnionCryptoTrader platform.

This platform masks itself as a cryptocurrency trading platform, even though it was clearly designed to distribute this MacOS malware first and foremost.

Researchers also confirmed this malware comes with a service to contact a command-and-control service to potentially download additional malicious payloads.

No payload has been actively identified as of yet but that situation can change at any given time.

For now, it is best for MacOS users to steer away from dodgy crypto-related platforms.