Connect with us

News

Lazarus new malware can now bypass detection

North Korean hacking collective Lazarus Group has been using a new type of malware as part of its fake employment scams which researchers warn is far more challenging to detect than its predecessor.

Published

on

North Korean hacking collective Lazarus Group has been using a new type of malware as part of its fake employment scams which researchers warn is far more challenging to detect than its predecessor.

ESET’s senior malware researcher Peter Kálnai, while analyzing a recent fake job attack against a Spain-based aerospace firm, ESET researchers discovered a publicly undocumented backdoor named LightlessCan.

The Lazarus Group’s fake job scam typically involves tricking victims with a potential offer of employment at a well-known firm. The attackers would entice victims to download a malicious payload masqueraded as documents to do all sorts of damage.

However, Kálnai says the new LightlessCan payload is a “significant advancement” compared to its predecessor BlindingCan.

LightlessCan mimics the functionalities of a wide range of native Windows commands, enabling discreet execution within the RAT itself instead of noisy console executions.

“This approach offers a significant advantage in terms of stealthiness, both in evading real-time monitoring solutions like EDRs, and postmortem digital forensic tools,” he said.

The new payload also uses what the researcher calls “execution guardrails” — ensuring that the payload can only be decrypted on the intended victim’s machine, thereby avoiding unintended decryption by security researchers.

Kálnai said that one case that involved the new malware came from an attack on a Spanish aerospace firm when an employee received a message from a fake Meta recruiter named Steve Dawson in 2022.

Soon after, the hackers sent over the two simple coding challenges embedded with the malware. Cyberespionage was the main motivation behind Lazarus Group’s attack on the Spain-based aerospace firm

Business

7-Eleven South Korea to accept CBDC payments in national pilot program

Published

on

7-Eleven is set to participate in the testing phase of a central bank digital currency (CBDC) initiative, running from April to June. The retail giant’s involvement highlights the growing push for digital currency integration in everyday transactions.

The pilot program will assess the feasibility of CBDC payments at 7-Eleven stores, allowing customers to make purchases using the digital currency. The initiative is part of a broader effort to explore the real-world application of CBDCs in retail environments, potentially shaping future payment systems.

As central banks worldwide accelerate their digital currency research, private sector collaboration is seen as crucial for widespread adoption. If successful, 7-Eleven’s participation could pave the way for broader CBDC usage across retail and commercial sectors.

The outcome of the testing phase will provide valuable insights into consumer adoption, transaction efficiency, and potential regulatory considerations, influencing how CBDCs are integrated into mainstream financial systems.

Continue Reading

Business

SEC and Gemini ask to pause lawsuit to explore ‘potential resolution’

Published

on

The U.S. Securities and Exchange Commission (SEC) and crypto exchange Gemini have agreed to pause legal proceedings as both sides explore a potential resolution to their ongoing lawsuit. The move signals a possible settlement in the high-profile case, which centers around Gemini’s now-defunct Earn program.

The SEC initially sued Gemini, alleging that the Earn program—designed to offer users yield on crypto deposits—operated as an unregistered securities offering. Gemini has pushed back against the claims, arguing that its operations complied with regulatory standards.

By pausing litigation, both parties may be looking for a compromise that could set a precedent for crypto lending products in the U.S. A settlement could also provide regulatory clarity for similar platforms navigating SEC scrutiny.

While the outcome remains uncertain, the crypto industry is closely watching the case, as its resolution could impact future enforcement actions and the broader regulatory approach toward digital asset lending services.

Continue Reading

Business

GameStop finishes $1.5B raise to add Bitcoin to its balance sheet

Published

on

GameStop has successfully completed a debt offering, raising capital that may be used to acquire Bitcoin, signaling the company’s deeper foray into digital assets. The move aligns with its broader strategy to diversify beyond traditional retail operations and into emerging financial technologies.

While GameStop has not confirmed the exact allocation of the funds, market speculation suggests that a portion could be used to buy Bitcoin, following in the footsteps of companies like MicroStrategy. The potential investment would reinforce GameStop’s ongoing pivot toward blockchain and digital assets, an effort that began with its NFT marketplace and crypto-related initiatives.

Analysts see this development as part of a growing trend of corporations exploring Bitcoin as a reserve asset amid concerns over inflation and monetary policy. If GameStop proceeds with the acquisition, it could further validate Bitcoin’s role as a strategic investment for publicly traded companies.

The company’s board will ultimately decide how the newly raised capital is deployed. Investors and the broader crypto market are watching closely for any official announcements regarding GameStop’s Bitcoin strategy.

Continue Reading

Trending

Copyright © 2025 cryptonews.lk