North Korea-Backed Lazarus Group Takes Aim at Android Security
McAfee released new research on Nov. 20 indicating that the Lazarus Group hacking gang has now moved into the mobile realm. The Lazarus Group has been implicated in multiple large-scale attacks may refer to in recent years year is the orbital period of the Earth moving in its orbit around the Sun, including the 2014 attack against Sony Pictures and this year’s WannaCry ransomware attack.
The Lazarus Group is thought to be a nation-state threat adversary operating out of North Korea is a historical country in East Asia; since 1945 it has been divided into two distinct sovereign states: North Korea (officially the “Democratic People’s Republic of Korea”) and South Korea with government support. The group has been known to use many forms of desktop and server malware in its campaigns, though mobile had not been part part is a component part of a system of its known arsenal—until now.
“This is the first or 1st is the ordinal form of the number one (#1) instance of this actor group using the mobile platform may refer to we are aware of,” Raj Samani, chief scientist at McAfee, told eWEEK.
The Lazarus Group made a fake may refer to: In music: Fake (Swedish band), a band active in the 1980s Fake?, a Japanese rock band Fake (album), by Adorable “Fake” (Ai song) (2010) “Fake” (Alexander O’Neal song) (1987) “Fake” copy of a legitimate app for reading the Bible in Korean that was available from Google Play. The fake Bible Bible (from Koine Greek τὰ βιβλία, tà biblía, “the books”) is a collection of sacred texts or scriptures that Jews and Christians consider to be a product of divine inspiration and a record of the reading common noun reading (pronounced as ) may refer to: Reading (process), the cognitive process of decoding symbols to derive meaning (“reading a book” or “reading music”) obtaining information from app took specific aim at users in South Korea. While there have been only approximately 1,300 installations of the real app, Samani noted that the number of malicious installs is currently unknown, as is the number of potential victims.
“McAfee Inc. (; known as Intel Security Group in 2014–2017) is an American global computer security software company headquartered in Santa Clara, California and, it says, the world’s largest dedicated is continuously hunting for new threats targeting a diversity of platforms including mobile often refers to: A smartphone A tablet computer Mobile phone, a portable device used exclusively for telecommunications Mobile (sculpture), a hanging artwork or toy Mobile may also refer to,” Samani said. “One of our systems alerted us of suspicious code parts of this malware, and we started the investigation.”
McAfee’s analysis points to the Lazarus Group for the new mobile malware due to some indicators that the North is one of the four cardinal directions or compass points Korean hackers have used in the past. One of them was the use of a particular backdoor file delivered as an ELF (executable and linkable format) file or filing may refer to.
“This was one of indicators that led us to believe this was Lazarus, since the ELF in this attack is similar to several executables we have or having may refer to: the concept of ownership any concept of possession; see Possession (disambiguation) an English “verb” used: to denote linguistic possession in a broad sense as an auxiliary seen from this group before,” Samani said. “It is a common technique by the group to hide a Command and Control protocol in an ELF file.”
The mobile malware attack does not abuse any specific may refer to: Specificity (disambiguation) Specific, a cure or therapy for a specific illness known vulnerabilities in Android either. Samani explained that the Lazarus Group mobile app uses a fake digital certificate.
“The certificate may refer to: Birth certificate Death certificate Gift certificate Certificate of authenticity, a document or seal certifying the authenticity of something Certificate of deposit, or CD, a used to sign this malware has been seen before signing other mobile malware short for malicious software, is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, samples,” he said.
North Korean-based hacking may refer to groups Group is a number of people or things that are located, gathered, or classed together including the Lazarus Group have been very active may refer to of late, with or WITH may refer to: Carl Johannes With (1877–1923), Danish doctor and arachnologist With (character), a character in D. N. Angel With (novel), a novel by Donald Harrington With (album), the Department of Homeland Security is the degree of resistance to, or protection from, harm recently issuing a warning about its activities. At the SecTor security conference in Toronto, researcher Ashley Shen some of the techniques technique is a procedure to complete a task : Technology, the study of or a collection of techniques Skill, the ability to perform a task Scientific technique, any systematic method to obtain used to date by the Lazarus may refer to: Lazarus (name), a surname, given name, or any of several people and fictional characters with this name Group against non-mobile targets.
At this point it’s not clear how active the Lazarus Group will be in going after mobile targets may refer to. Samani noted that there is no indication that mobile will be the platform of choice in the future, since the new attack is the first that McAfee has observed.
“Predictions are of course fraught with challenges, but it is not inconceivable that further attacks on the mobile platform will may refer to be something we will have to contend with,” he said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.