North Korean Malicious Cyber Activity: AppleJeus

February 17, 2021
Original release date: February 17, 2021<br/><p>CISA, the Federal Bureau of Investigation, and the Department of the Treasury have released a Joint Cybersecurity Advisory and seven Malware Analysis Reports (MARs) on the North Korean government’s dissemination of malware that facilitates the theft of cryptocurrency—referred to by the U.S. Government as “AppleJeus.”</p> <p>The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.</p> <p>CISA encourages users and administrators to review the following resources for more information.</p> <ul> <li><a href="https://us-cert.gov/ncas/alerts/aa21-048a">Joint Cybersecurity Advisory: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048a">MAR-10322463-1.v1: AppleJeus – Celas Trade&nbsp;Pro</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048b">MAR-10322463-2.v1: AppleJeus – JMT Trading</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048c">MAR-10322463-3.v1: AppleJeus – Union Crypto</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048d">MAR-10322463-4.v1: AppleJeus – Kupay Wallet</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048e">MAR-10322463-5.v1: AppleJeus – CoinGoTrade</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048f">MAR-10322463-6.v1: AppleJeus – Dorusio</a></li> <li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048g">MAR-10322463-7.v1: AppleJeus – Ants2Whale</a></li> <li><a href="https://us-cert.cisa.gov/northkorea">North Korean Malicious Cyber Activity page</a></li> </ul> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div>