The firm said it had found that, in one such case, the attack vector was a cryptocurrency trading application that had been compromised by malware known as Fallchill, which has also been referred to by US CERT and other researchers.
The application, created by a third party, was unknowingly downloaded by an employee from a website that appeared to be kosher.
In order to broaden the scope of infiltration, the attackers had developed malware for the macOS platform as well as the usual Windows malware.
The application that was compromised is known as Celas Trade Pro and is sold by Celas Limited.
Kaspersky said the attacks on the financial sector by the Lazarus group were not surprising. However, it noted, there were some notable points about this latest attack, the main one being that a new platform, macOS, had been used.
"From all angles, the Celas story looks like the threat actor has found an elaborate way to create a legitimate looking business and inject a malicious payload into a 'legitimate looking' software update mechanism," the company said. "Sounds logical: if one cannot compromise a supply chain, why not make a fake one?
"This should be a lesson to all of us and a wake-up call to businesses relying on third-party software. Do not automatically trust the code running on your systems. Neither a good-looking website, nor a solid company profile nor digital certificates guarantee the absence of backdoors."