BlueNoroff Threat Group Targets Cryptocurrency Startups

Published: 23/11/2024   Category: security


A series of attacks against small and medium-sized businesses has led to major cryptocurrency losses for the victims.



BlueNoroff, an advanced persistent threat (APT) group that's part of the larger Lazarus Group associated with North Korea, is behind a series of attacks against small and medium-sized companies that have led to serious cryptocurrency losses.
The campaign, dubbed SnatchCrypto, targets organizations that deal with cryptocurrencies and smart contracts, decentralized finance, blockchain, and the financial technology industry in their work, report the Kaspersky researchers who observed it. These companies were targeted for a reason, they said: Startups often receive messages and documents from unfamiliar senders.
"As most cryptocurrency businesses are small or medium-sized startups, they cannot invest lots of money into their internal security system," researchers wrote in a blog post. "The actor understands this and takes advantage by using elaborate social engineering schemes."
In this campaign, the attackers attempt to manipulate the victim by pretending to be an existing venture capital firm. Researchers saw the names of more than 15 venture businesses used in these attacks but believe the actual organizations have nothing to do with the threat.
Attackers send these startup employees a full-featured Windows backdoor with surveillance functions, disguised as a contract or another business file, researchers report. If the file is opened on a device connected to the Internet, another macro-enabled document is fetched to deploy malware.
This malware sends the target's general information and PowerShell agent to the attackers, creating a backdoor. From there, BlueNoroff deploys additional tools, including a keylogger and screenshot taker, to monitor victims. After weeks or months of tracking, the attackers find a prominent target and use the data they've collected to steal large amounts of cryptocurrency from them.