The Federal Bureau of Investigation (FBI) confirmed that the DPRK cybercriminal group Lazarus is responsible for stealing $100 million of virtual currency from Harmony’s Horizon Bridge. The FBI found that a portion of the stolen Ethereum, laundered during the June 2022 heist, was sent to virtual asset providers and converted to bitcoin.
Trend Micro security researchers have identified an advanced remote access trojan (RAT) named CHAOS that enhances Linux cryptocurrency mining attacks. It is based on an open-source project in which the main downloader script and further payloads are hosted in different locations to ensure the campaign remains active and constantly spreading. The investigation shows that the main server, which is also used for cloud bulletproof hosting, appears to be in Russia. Trend Micro researchers stated that although the infection routine of cryptocurrency mining malware seems minor, organisations and individuals should stay cautious.