Security News > 2023 > November > Microsoft: BlueNoroff hackers plan new crypto-theft attacks
Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn.
After picking their targets following initial contact on LinkedIn, the BlueNoroff hackers backdoor their systems by deploying malware hidden in malicious documents pushed via private messages on various social networks.
"The threat actor that Microsoft tracks as Sapphire Sleet, known for cryptocurrency theft via social engineering, has in the past few weeks created new websites masquerading as skills assessment portals, marking a shift in the persistent actor's tactics," according to Microsoft Threat Intelligence security experts.
The FBI attributed the largest crypto hack in history-the breach of Axie Infinity's Ronin network bridge-to the Lazarus and BlueNoroff hacking groups.
BlueNoroff hackers backdoor Macs with new ObjCShellz malware.
Lazarus hackers breach aerospace firm with new LightlessCan malware.
News URL
Related news
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- Crypto companies are losing ground to deepfake attacks (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)