Original release date: February 17, 2021
CISA, the Federal Bureau of Investigation, and the Department of the Treasury have released a Joint Cybersecurity Advisory and seven Malware Analysis Reports (MARs) on the North Korean government’s dissemination of malware that facilitates the theft of cryptocurrency—referred to by the U.S. Government as “AppleJeus.”
The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
CISA encourages users and administrators to review the following resources for more information.
- Joint Cybersecurity Advisory: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
- MAR-10322463-1.v1: AppleJeus – Celas Trade Pro
- MAR-10322463-2.v1: AppleJeus – JMT Trading
- MAR-10322463-3.v1: AppleJeus – Union Crypto
- MAR-10322463-4.v1: AppleJeus – Kupay Wallet
- MAR-10322463-5.v1: AppleJeus – CoinGoTrade
- MAR-10322463-6.v1: AppleJeus – Dorusio
- MAR-10322463-7.v1: AppleJeus – Ants2Whale
- North Korean Malicious Cyber Activity page
- U.S. Cyber Command VirusTotal