November 10, 2023 at 03:42PM
Microsoft has issued a warning about BlueNoroff, a North Korean hacking group, setting up new attack infrastructure on LinkedIn for upcoming social engineering campaigns. The financially motivated group, also known as Sapphire Sleet, has a history of targeting cryptocurrency companies and employees. They gain access to systems by deploying malware through private messages on social networks. BlueNoroff has recently created new websites posing as skills assessment portals to deceive recruiters. The group has been linked to various cyberattacks worldwide and was responsible for the largest crypto hack in history. The U.S. Treasury has already sanctioned BlueNoroff and other North Korean hacking groups.
From the meeting notes, it appears that Microsoft has issued a warning about the activities of a North Korean hacking group known as BlueNoroff. This group is reportedly setting up new attack infrastructure on LinkedIn for upcoming social engineering campaigns. BlueNoroff, also known as Sapphire Sleet, has a history of targeting employees in cryptocurrency companies for cryptocurrency theft attacks.
To gain access to their targets’ systems, BlueNoroff deploys malware hidden in malicious documents sent through private messages on various social networks. Recently, they have created websites masquerading as skills assessment portals to lure their targets. These websites are password-protected to hinder analysis efforts.
BlueNoroff has been linked to various cyber attacks against cryptocurrency startups and financial organizations worldwide, resulting in significant financial losses. They were also involved in the largest crypto hack in history, stealing millions of dollars’ worth of Ethereum and USDC tokens from Axie Infinity’s Ronin network bridge.
The United Nations and the U.S. Treasury have previously sanctioned BlueNoroff and other North Korean hacking groups for their involvement in cyberattacks targeting banks and cryptocurrency exchanges.
Recently, Jamf Threat Labs’ security researchers discovered that BlueNoroff was using ObjCShellz macOS malware to backdoor targeted Mac computers.
Overall, it is important for individuals and organizations to remain vigilant and take necessary precautions to protect themselves from BlueNoroff’s malicious activities.