The nation's top financial and cyber law enforcement watchdogs have published an extensive analysis of the malware used in recent efforts to steal cryptocurrency. These efforts infect individuals and companies that use cryptocurrency trading applications, and they lie behind the indictment of three North Korean actors that was unveiled in February.
The analysis includes both malware details (script names, commands, IP addresses) and indicators of compromise used in the attacks to date. It also includes remediation recommendations for target companies. Although most of those recommendations are aimed at cryptocurrency exchanges and financial services companies, the analysis also recommends proactive mitigation efforts for all organizations, including awareness training, account privileging, and other common measures.