japanese crypto exchange hacked by jokerspy
admin 1 year ago
admin #news

Japanese Cryptocurrency Exchange Hit by JokerSpy Attack

Unidentified hackers have hacked a Japanese cryptocurrency exchange and installed JokerSpy malware on its macOS systems. This was disclosed by Elastic Security Labs, which tracks attackers under the code name REF9134.

JokerSpy is a powerful toolkit designed to exploit macOS Macs. It was first described by Bitdefender last week. JokerSpy consists of numerous programs written in Python and Swift that allow the collection of data and execution of arbitrary commands on compromised hosts.


One of the fundamental components of JokerSpy is a self-signed program called "xcc" that checks for full disk access and screen recording rights. The file is signed as XProtectCheck, which implies an attempt to disguise itself as XProtect, the built-in antivirus technology in macOS.


“On June 1, a new Python tool was spotted that ran from the same directory as xcc and was used to run an open-source post-operational tool for macOS called Swiftbelt,” claimed Elastic security experts.


The hack targeted a prominent Japanese cryptocurrency service provider specializing in asset swaps to exchange Bitcoin, Ethereum, and other mainstream cryptocurrencies. The name of the company was not divulged.


The "xcc" binary is executed with Bash through three distinct applications: IntelliJ IDEA, iTerm (terminal emulator for macOS), and Visual Studio Code.


Another module loaded as part of the attack is sh.py, a Python implant that is used as a conduit for delivering other post-exploitation tools, such as Swiftbelt.


macOS users should be careful not to download malicious files or apps from untrusted sources. It is also essential to use effective antivirus software and to frequently update the system and applications to protect data and bitcoin from hackers.

0
475
CraxsRat V6 - Android Rat Download | UnCracked

CraxsRat V6 - Android Rat Download | UnCracked

1673775682.png
admin
1 year ago
Sorillus Rat  Version 6.1

Sorillus Rat Version 6.1

1673775682.png
admin
1 year ago
Malware and Advanced Persistent Threats (APTs)

Malware and Advanced Persistent Threats (APTs)

1673775682.png
admin
1 year ago
Whats Is Malware - Malware Types & History

Whats Is Malware - Malware Types & History

1673775682.png
admin
11 months ago
Pekka Rat V5 Download Free (UnCracked)

Pekka Rat V5 Download Free (UnCracked)

1673775682.png
admin
1 year ago