The Lazarus Group is thought to be behind last year’s attacks on the SWIFT financial network and the devastating data breach at Sony in 2014. McAfee says there are signs that the group is now using mobile malware to potentially go after a broader, but still geographically focused, swath of victims. The malware is disguised to appear like The Bible, a legitimate Android APK from a developer called the GodPeople that is available on Google Play for translating the Bible into Korean. It is possible that the intended target is GodPeople itself because of its history of supporting religious groups in North Korea.”]
Source: https://www.darkreading.com/attacks-breaches/north-korea-s-lazarus-group-evolves-tactics-goes-mobile