A new version of North Korea’s AppleJeus malware has been spotted, one more effective than the last version.


A campaign from hacking group Lazarus Group, thought to be linked to North Korea, called Operation AppleJeus is targeting macOS and Windows users. It targets cryptocurrency services where is poses as trading software. Once downloaded it drops a remote access trojan onto the target machine. Infected machines can have files and accounts stolen.

AppleJeus execution flow

AppleJeus execution flow. Credit: Kaspersky

So far AppleJeus has been found posing under two names: JMTTrading and UnionCryptoTrader. Infected machines have been found in the UK, China, Russia, and Poland.

Further Reading

[iOS: How to Easily Manage SMS Two-Factor Authentication Codes]

[‘Mythic Quest’ And The Future of Apple TV+]

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Lee Dronick

As usual, cryptocurrency is involved.