Microsoft: BlueNoroff hackers plan new crypto-theft attacks

Security News, November 2023

Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn.
After picking their targets following initial contact on LinkedIn, the BlueNoroff hackers backdoor the targets' systems by deploying malware hidden in malicious documents pushed via private messages on various social networks.
"The threat actor that Microsoft tracks as Sapphire Sleet, known for cryptocurrency theft via social engineering, has in the past few weeks created new websites masquerading as skills assessment portals, marking a shift in the persistent actor's tactics," according to Microsoft Threat Intelligence security experts.
The FBI attributed the largest crypto hack in history, the breach of Axie Infinity's Ronin network bridge, to the Lazarus and BlueNoroff hacking groups.
BlueNoroff hackers backdoor Macs with new ObjCShellz malware.
Lazarus hackers breach aerospace firm with new LightlessCan malware.