A new version of North Korea’s AppleJeus malware has been spotted, one more effective than the last version.
A campaign from hacking group Lazarus Group, thought to be linked to North Korea, called Operation AppleJeus is targeting macOS and Windows users. It targets cryptocurrency services where is poses as trading software. Once downloaded it drops a remote access trojan onto the target machine. Infected machines can have files and accounts stolen.
So far AppleJeus has been found posing under two names: JMTTrading and UnionCryptoTrader. Infected machines have been found in the UK, China, Russia, and Poland.