{"id":10541,"date":"2022-12-03T00:00:00","date_gmt":"2022-12-03T00:00:00","guid":{"rendered":"http:\/\/localhost\/cyber-operations\/targeting-of-users-of-cryptocurrency-applications\/"},"modified":"2022-12-03T00:00:00","modified_gmt":"2022-12-03T00:00:00","slug":"targeting-of-users-of-cryptocurrency-applications","status":"publish","type":"post","link":"https:\/\/www.cfr.org\/cyber-operations\/targeting-of-users-of-cryptocurrency-applications","title":{"rendered":"Targeting of users of cryptocurrency applications"},"content":{"rendered":"<p>North Korean hacking group Lazarus created a fake brand called BloxHolder to spread fake cryptocurrency apps that would infect users with AppleJeus malware to steal money and cryptocurrency. The campaign was active from June to at least October 2022.<br \/>\n&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>North Korean hacking group Lazarus created a fake brand called BloxHolder to spread fake cryptocurrency apps that would infect users with AppleJeus malware to steal money and cryptocurrency. The campaign was active from June to at least October 2022. &nbsp;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_cloudinary_featured_overwrite":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[2],"tags":[],"cyber_operation":[54],"state_sponsor":[91],"victim_category":[138],"victim_government_response":[186],"victim":[],"class_list":["post-10541","post","type-post","status-publish","format-standard","hentry","category-incident","cyber_operation-financial-theft","state_sponsor-korea-democratic-peoples-republic-of","victim_category-private-sector","victim_government_response-unknown"],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10541","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/comments?post=10541"}],"version-history":[{"count":0,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10541\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/media?parent=10541"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/categories?post=10541"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/tags?post=10541"},{"taxonomy":"cyber_operation","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/cyber_operation?post=10541"},{"taxonomy":"state_sponsor","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/state_sponsor?post=10541"},{"taxonomy":"victim_category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_category?post=10541"},{"taxonomy":"victim_government_response","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_government_response?post=10541"},{"taxonomy":"victim","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim?post=10541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}