New North Korean MacOS cryptocurrency malware discovered

A new MacOS cryptocurrency malware has once again brought the infamous North Korean Lazarus Group into the spotlight. The newly discovered malware targets Apple systems. The ill-famed hacking group has been responsible for many notorious viruses and malware in the past as well.

Recent reports have revealed that malicious software unearthed by Dinesh Devadoss is tied to cryptocurrency trading. The software, hosted on the website ‘’, offered a ‘smart cryptocurrency arbitrage trading’ platform to users. The malware package was hidden in a file called ‘UnionCryptoTrader’. Though easily detectable, it still has the potential to threaten many systems because it is so readily available.

MacOS cryptocurrency malware is nothing new

According to security researchers, this malware can fetch a remote payload from a predefined location and then run that payload in memory. This technique is pretty common on Windows but unheard of on MacOS. Because the payload is executed in memory, it becomes difficult to track its activity and undertake any forensic analysis. No wonder only ten antivirus programs were able to detect this malware.

Patrick Wardle, a security researcher, conducted a thorough analysis of this latest malware. He found many similarities and overlaps with malware previously detected by the MalwareHunterTeam, which was supposedly linked with the infamous North Korean Lazarus Group. In October this year, the same team detected a MacOS malware that targeted Apple Macs via a fake cryptocurrency company.

North Korean cryptocurrency developments are alarming

In recent months, North Korea-related cryptocurrency frauds and illegal activities have been in the news. Last month, United States prosecutors revealed that they had arrested Virgil Griffith. He is charged with visiting North Korea to deliver a lecture on using blockchain and cryptocurrencies to circumvent sanctions.

His arrest unnerved some people in the crypto realm. Vitalik Buterin, the co-founder of Ethereum, stood behind him and supported his release. He even ran an online petition to release Virgil. The MacOS cryptocurrency malware has once again brought to the fore how the secretive nation is using the crypto route and defaming an innovative industry. The Sanctions Committee of the United Nations alleged that North Korea is using a cryptocurrency firm based in Hong Kong to launder illicit money.

Written by Gurpreet Thind

Gurpreet Thind is pursuing a Master's in Electrical Engineering at the University of Ottawa. His scholarly interests include IT, computer languages and cryptocurrencies. With a special interest in blockchain-powered architectures, he seeks to explore the societal impact of digital currencies as the finance of the future. He is passionate about learning new languages, cultures and social media.