BlocksInform
Bluenoroff, a member of the state-sponsored North Korean lazarus group, has renewed its focus on venture capitalists, crypto startups and banks. Cybersecurity lab Kaspersky reported that the group has shown a spike in activity after a lull for most of the year and it is testing new delivery methods for its malware.
Bluenoroff has created over 70 bogus domains that imitate venture capital companies and banks. Most fakes have presented themselves as well-known Japanese businesses.
BlueNoroff introduces new methods bypassing MoTWhttps://t.co/C6q0l1mWqo
— Pentesting News (@PentestingN) December 27, 2022
BlueNoroff introduces novel methods circumventing MoTWhttps://t. co/C6q0l1mWqo... Bluenoroff introduces new methods circumventing motwhttps://t. co/c6q0l1mwqo— pentesting news (@pentestingn) 27 Dec, 2022The group has piloted new types of files and other methods for distributing malware, the report states.”
Related: North Korea’s Lazarus behind years of crypto hacks in Japan — Police
According to Kaspersky, the problem with threat actors is worsening. Researcher Seongsu Park said in a statement:
“The coming year will be marked by the cyber epidemics with the biggest impact, the strength of which has been never seen before. […] Related: Lazarus of North Korea behind years of crypto hacking in Japan — PoliceSel Kaspersky, the problem with threat makers is getting worse.
Researcher Seongsu Park said in a statement: The year ahead will be one of the most impactful cyber-epidemics, with unprecedented force. [...] It was among a group of North Korean cyber threats the U.S. Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation mentioned in an alert issued in April.
North Korean threat actors associated with the Lazarus Group have been spotted attempting to steal nonfungible tokens in recent weeks as well. The group was responsible for the $600-million Ronin Bridge exploit in March.
