Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts

Summary: The APT-C-26 group, known as Lazarus, has ramped up its attacks on cryptocurrency professionals by weaponizing a legitimate open-source project, Uniswap Sniper Bot. This malicious version of the tool, disguised as an automated trading application, stealthily executes harmful functions while stealing sensitive information. The group’s advanced techniques highlight their evolving capabilities and exploitation of community trust in open-source software.

Threat Actor: Lazarus
Victim: Cryptocurrency professionals

Key points:

  • Lazarus has embedded malicious payloads in the Uniswap Sniper Bot installation package.
  • The malware targets browser-based cryptocurrency wallets in popular browsers like Chrome and Brave.
  • Advanced obfuscation techniques are used to evade detection, showcasing Lazarus’ growing sophistication.

Source: https://securityonline.info/lazarus-group-deploys-electron-based-malware-to-target-cryptocurrency-enthusiasts/