North Korean hackers use new macOS malware against crypto firms

November 7, 2024 at 05:17PM North Korean hacker group BlueNoroff is targeting crypto businesses with a new multi-stage macOS malware campaign, dubbed “Hidden Risk.” Utilizing phishing emails about cryptocurrency, the malware employs novel techniques for persistence and evasion, ensuring it remains undetected. This campaign marks an evolution in their tactics over the past year.

North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS

November 7, 2024 at 07:42AM A North Korean threat actor, BlueNoroff, has targeted cryptocurrency businesses using multi-stage malware that infects macOS devices via phishing emails and disguised applications. The campaign, named Hidden Risk, employs social engineering tactics, exploits Apple developer accounts for notarization, and illustrates the evolving strategies of North Korean cyber operations.

macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks

November 28, 2023 at 12:43PM North Korean APT groups are using a mix of malware components from KandyKorn and RustBucket to avoid detection and continue their operations. They are targeting macOS machines to attack cryptocurrency exchanges and raise money for the Kim Jong Un regime. The groups are taking evasive steps by mixing loaders and …

Microsoft: BlueNoroff hackers plan new crypto-theft attacks

November 10, 2023 at 03:42PM Microsoft has issued a warning about BlueNoroff, a North Korean hacking group, setting up new attack infrastructure on LinkedIn for upcoming social engineering campaigns. The financially motivated group, also known as Sapphire Sleet, has a history of targeting cryptocurrency companies and employees. They gain access to systems by deploying malware …

BlueNoroff hackers backdoor Macs with new ObjCShellz malware

November 7, 2023 at 03:36PM The BlueNoroff threat group, backed by North Korea, has targeted Apple customers with new macOS malware called ObjCShellz. This malware allows the group to open remote shells on compromised devices. BlueNoroff is known for financially motivated attacks on cryptocurrency exchanges and financial organizations worldwide. The malware communicates with a domain …

New MacOS Malware Linked to North Korean Hackers

November 7, 2023 at 10:03AM Security firm Jamf has discovered a new macOS malware called ObjCShellz that is believed to be used by North Korean hackers to target cryptocurrency exchanges. The malware, tracked as part of the RustBucket Campaign, allows attackers to deliver macOS instructions and collect responses while remaining undetected. Although the purpose of …

N. Korean BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware

November 7, 2023 at 09:24AM The BlueNoroff nation-state group, which has connections to North Korea, is behind a newly discovered macOS malware called ObjCShellz. It is used as part of the RustBucket malware campaign and is suspected to be delivered through social engineering. BlueNoroff is a sub-group of the Lazarus Group, known for financial crimes …