Lazarus Trojanized DeFi app for delivering malware
released on 2022-04-01 @ 09:15:53 AM
Securelist recently discovered a Trojanized DeFi application that was compiled in November 2021. The application contains a legitimate program called DeFi Wallet, which saves and manages a cryptocurrency wallet, but it also implants a malicious file when executed. This malware is a full-featured backdoor with sufficient capabilities to control the compromised victim. After looking into the functionality of this backdoor, the researchers discovered numerous overlaps with other tools used by the Lazarus group.