A unit of the North Korean state-sponsored hacker Lazarus Group is impersonating financial and investment firms to steal crypto assets.
Pasak apsaugos firmos "Kaspersky, the group known as BlueNorOff is creating fake domains that look like those of legitimate venture capital and banking companies.
"The actor usually used fake domains such as cloud hosting services for hosting malicious documents or payloads.”
The firms that the hackers imitate are mostly based in Japan, including Beyond Next Ventures, ANOBAKA, Angel Bridge, ABF Capital, Sumitomo Mitsui Banking Corporation, Mitsubishi UFJ Financial Group and Z Venture, suggesting of BlueNorOff’s interest in Japanese financial entities.
"Most of the companies are Japanese companies, indicating the actor has a keen interest in Japanese markets.”
The cybersecurity company says that one of BlueNorOff’s victims appears to be a home financing company based in the United Arab Emirates (UAE). Kaspersky says the infection was made through malware with a Japanese file name, indicating that the target can read Japanese.
"Based on the domain naming and decoy documents, we assume, with low confidence, that the entities in Japan are on the radar of this group. In one PowerPoint sample, we observed that the actor took advantage of a Japanese venture capital company.”
Nepraleisk ritmo - Prenumeruok kad kriptografiniai el. pašto įspėjimai būtų pristatyti tiesiai į jūsų gautuosius
Tikrinti Kaina veiksmų
Sekite mus Twitter, Facebook ir Telegram
Surf „Daily Hodl Mix“
Atsisakymas: „The Daily Hodl“ išsakytos nuomonės nėra patarimas dėl investavimo. Investuotojai turėtų atlikti deramą patikrinimą prieš imdamiesi bet kokių didelės rizikos investicijų į „Bitcoin“, kriptovaliutą ar skaitmeninį turtą. Informuojame, kad už savo pervedimus ir sandorius esate atsakingi patys, o už visus nuostolius, kuriuos galite patirti, esate atsakingas jūs. „Daily Hodl“ nerekomenduoja pirkti ar parduoti jokios kriptovaliutos ar skaitmeninio turto, taip pat „The Daily Hodl“ nėra patarėjas dėl investavimo. Atkreipkite dėmesį, kad „The Daily Hodl“ dalyvauja filialų rinkodaroje.
Featured Image: Shutterstock/Suvit Topaiboon/Zalevska Alona UA
Source: https://dailyhodl.com/2022/12/29/north-korean-hackers-are-posing-as-venture-capitalists-to-steal-crypto-assets-security-firm/