Security News > 2023 > November > Microsoft: BlueNoroff hackers plan new crypto-theft attacks
Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn.
After picking their targets following initial contact on LinkedIn, the BlueNoroff hackers backdoor their systems by deploying malware hidden in malicious documents pushed via private messages on various social networks.
"The threat actor that Microsoft tracks as Sapphire Sleet, known for cryptocurrency theft via social engineering, has in the past few weeks created new websites masquerading as skills assessment portals, marking a shift in the persistent actor's tactics," according to Microsoft Threat Intelligence security experts.
The FBI attributed the largest crypto hack in history-the breach of Axie Infinity's Ronin network bridge-to the Lazarus and BlueNoroff hacking groups.
BlueNoroff hackers backdoor Macs with new ObjCShellz malware.
Lazarus hackers breach aerospace firm with new LightlessCan malware.
News URL
Related news
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- New Web3 attack exploits transaction simulations to steal crypto (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)