Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts

Summary: The APT-C-26 group, known as Lazarus, has ramped up its attacks on cryptocurrency professionals by weaponizing a legitimate open-source project, Uniswap Sniper Bot. This malicious version of the tool, disguised as an automated trading application, stealthily executes harmful functions while stealing sensitive information. The group’s advanced techniques highlight their evolving capabilities and exploitation of community trust in open-source software.

Threat Actor: Lazarus
Victim: Cryptocurrency professionals

Key points:

  • Lazarus has embedded malicious payloads in the Uniswap Sniper Bot installation package.
  • The malware targets browser-based cryptocurrency wallets in popular browsers like Chrome and Brave.
  • Advanced obfuscation techniques are used to evade detection, showcasing Lazarus’ growing sophistication.

Source: https://securityonline.info/lazarus-group-deploys-electron-based-malware-to-target-cryptocurrency-enthusiasts/