Malicious code found in Bible app linked to North Korean hacker group


A group of hackers from North Korea allegedly planted malicious code in modified versions of the Android Bible reader app “Godpeople” which was downloaded via an illegal app marketplace. (Image: Kobiz Media)

SEOUL, December 1 (Korea Bizwire) – Malicious code found in an Android Bible app has been linked to a group of North Korean hackers.

A group of hackers from North Korea allegedly planted malicious code in modified versions of the Android Bible reader app “Godpeople” which was downloaded via an illegal app marketplace.

According to security industry sources on Friday, a backdoor embedded in a copied version of the popular Bible app “Godpeople,” which is available on the Google Play Store, was discovered by cybersecurity firms McAfee and Palo Alto Networks last month.

There are concerns that, once installed, the modified app could give hackers remote control of smartphones, essentially turning the phone into a “zombie phone” and leading to various issues including theft of personal information, tracking and wiretapping.

The original app, however, is back on the Google Play Store, after the app developer took it down for a week to perform security testing.

According to data from security companies, no malicious code was found in the official app – which has been downloaded over 110,000 times – available through the legitimate Android App Store.

Similar patterns were found between the malicious code in the modified application and previous malicious code targeting PCs that is believed to have been the work of Lazarus, which McAfee says is a North Korean-linked hacking group.

This is the first time Lazarus has been linked with malicious code for a mobile application.

The hacker group with possible ties to North Korea launched cyber attacks against the South Korean government between 2009 and 2012, as well as the infamous Sony Pictures hack in 2014.

In 2015, a number of banks in Vietnam, Poland, Mexico and Taiwan were targeted by the group, while industry sources speculated Lazarus was behind the WannaCry ransomware attack in May.

It should be noted, however, that hacker groups often leave false information to erase traces, so Lazarus’ connection to North Korea has yet to be conclusively proven.

Following reports of the malicious code, Godpeople posted announcements on its official website urging users to be aware of the illegal version of the app on the black market.

Hyunsu Yim


