CryptoNeuro Trader is malicious software (malware) that has been used to target and exploit hundreds of cryptocurrency companies, leading to the theft of tens of millions of dollars' worth of cryptocurrency. Notable incidents include the theft of $75 million from a Slovenian company in December 2017, $24.9 million from an Indonesian firm in September 2018, and $11.8 million from a New York financial services company in August 2020. The malware infiltrates systems by acting as a backdoor, often delivered through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or hold data for ransom.
From March 2018 through at least September 2020, North Korean hackers developed and deployed several malicious cryptocurrency applications, including CryptoNeuro Trader, Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, and Ants2Whale. These applications provided another entry point for the hackers into their victims' systems. They were specifically designed to exploit vulnerabilities in the security systems of these companies, leading to significant financial losses.
The joint cybersecurity analysis and Malware Analysis Reports (MARs) underscore the cyber threat posed by North Korea, referred to by the U.S. government as HIDDEN COBRA. These reports identify specific malware and indicators of compromise related to the "AppleJeus" family of malware, a term coined by the cybersecurity community to describe a group of North Korean malicious cryptocurrency applications, including CryptoNeuro Trader and others. This detailed analysis highlights the ongoing risk to the cryptocurrency industry and emphasizes the need for robust cybersecurity measures.
Description last updated: 2023-10-11T04:15:17.135Z