North Kauslim hackers tau ua txuj ua crypto VCs hauv cov phiaj xwm phishing tshiab: Kaspersky

BlueNoroff, ib feem ntawm North Kauslim lub xeev txhawb nqa Lazarus Group, tau txuas ntxiv nws lub hom phiaj ntawm kev lag luam peev, crypto startups thiab tsev txhab nyiaj. Cybersecurity lab Kaspersky qhia tias cov pab pawg tau pom qhov nce siab hauv kev ua si tom qab lull rau feem ntau ntawm lub xyoo thiab nws tab tom sim cov txheej txheem xa khoom tshiab rau nws cov malware.

BlueNoroff tau tsim ntau dua 70 tus lej cuav uas ua rau cov tuam txhab lag luam peev thiab tuam txhab nyiaj. Feem ntau ntawm cov fakes tau nthuav tawm lawv tus kheej li cov tuam txhab Japanese paub zoo, tab sis qee qhov kuj suav tias yog tus kheej ntawm Tebchaws Meskas thiab cov tuam txhab Nyab Laj.

BlueNoroff qhia txoj hauv kev tshiab hla MoTWhttps://t.co/C6q0l1mWqo

— Xov xwm Pentesting (@PentestingN) Hlis ntuj nqeg 27, 2022

Cov pab pawg tau sim nrog hom ntaub ntawv tshiab thiab lwm txoj kev xa khoom malware, raws li tsab ntawv ceeb toom. Ib zaug nyob rau hauv qhov chaw, nws cov malware evades Windows Mark-of-the-Web kev ruaj ntseg ceeb toom txog kev rub tawm cov ntsiab lus thiab tom qab ntawd mus rau "intercept loj cryptocurrency hloov pauv, hloov tus neeg txais chaw nyob, thiab thawb tus nqi hloov mus rau qhov txwv, qhov tseem ceeb ntws mus rau hauv tus account. ib qho kev hloov pauv."

Related: North Kauslim lub Lazarus tom qab xyoo crypto hacks hauv Nyiv - Tub ceev xwm

Raws li Kaspersky, qhov teeb meem nrog kev hem thawj rau cov neeg ua yeeb yam phem zuj zus tuaj. Tus kws tshawb fawb Seongsu Park hais tias nyob rau hauv ib daim ntawv qhia:

"Lub xyoo tom ntej yuav raug cim los ntawm kev sib kis cyber nrog qhov cuam tshuam loj tshaj plaws, lub zog uas tsis tau pom dua ua ntej. […] Ntawm qhov pib ntawm cov phiaj xwm phem tshiab, kev lag luam yuav tsum muaj kev nyab xeeb dua li qub. "

Lub BlueNoroff subgroup ntawm Lazarus tau pom thawj zaug tom qab nws tawm tsam Bangladeshi central bank hauv 2016. Nws yog ib pab pawg ntawm North Kauslim cyber hem US Cybersecurity thiab Infrastructure Security Agency thiab Federal Bureau of Investigation. tau hais hauv tsab ntawv ceeb toom Nyob rau lub Plaub Hlis.

North Kauslim cov neeg ua yeeb yam cuam tshuam nrog Lazarus Group tau ua pom sim nyiag nonfungible tokens nyob rau hauv lub lis piam tsis ntev los no thiab. Pab pawg yog lub luag haujlwm rau $600-million Ronin Choj siv rau lub Peb Hlis.