June 13, 2024 at 03:33PM A newly identified North Korean threat actor, Moonstone Sleet, is expanding its distribution of malicious npm packages to public registries, targeting the software supply chain and open source code repositories. It differentiates itself through various techniques, posing a growing risk to the open source community. Organizations are urged to implement … Read more
May 29, 2024 at 04:57PM Microsoft researchers have identified Moonstone Sleet, a North Korean threat group, carrying out espionage and financial cyberattacks using a variety of techniques against aerospace, education, and software organizations. Moonstone Sleet’s multifaceted strategies blend cybercriminal and nation-state actor methodologies, including creating fake companies and distributing custom ransomware and a fake video … Read more
May 29, 2024 at 09:07AM A new cybercrime group named “Moonstone Sleet,” associated with North Korea and tracked by Microsoft, deceives targets with fake job offers to distribute malware and ransomware for financial gain. The group deployed trojanized software via LinkedIn, Telegram, and freelancing platforms, and has been linked to the deployment of a new … Read more
May 29, 2024 at 08:12AM Microsoft reports a new North Korean threat actor, Moonstone Sleet, targeting education, defense, and IT for espionage and revenue. The group combines tactics of other North Korean actors with unique methods, using fake companies and job opportunities to engage potential targets, employing trojanized tools, launching a custom ransomware, and engaging … Read more
May 29, 2024 at 07:00AM A new North Korean threat actor, Moonstone Sleet, is attributed to cyber attacks targeting various sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group. Moonstone Sleet uses a combination of old and unique techniques to achieve its objectives, posing a significant threat. The disclosure warns of … Read more
May 28, 2024 at 02:01PM Microsoft has linked the North Korean hacking group Moonstone Sleet to FakePenny ransomware attacks, causing millions of dollars in ransom demands. Moonstone Sleet has adopted novel attack methods and infrastructure, targeting various industries and employing trojanized software, malicious games, and fake companies. This expansion into ransomware may indicate a shift … Read more