This December 27, Kaspersky Lab announced that the North Korean hacking group ‘BlueNoroff’ stole millions of dollars in cryptocurrencies after creating more than 70 fake domains and impersonating banks and venture capital firms.
According to the investigation, most of the domains mimicked Japanese venture capital firms, denoting a strong interest in user and company data within that country.
“After researching the infrastructure that was used, we discovered more than 70 domains used by this group, meaning they were very active until recently. Also, they created numerous fake domains that look like venture capital and bank domains.”
The Bluenoroff Group Perfected Its Infection Techniques
Until a few months ago, the BlueNoroff group used Word documents to inject malware. However, they recently improved their techniques, creating a new Windows Batch file that allows them to extend the scope and execution mode of their malware.
These new .bat files circumvent Windows Mark-of-the-We
We współpracy z: https://cryptopotato.com/north-korean-hacking-group-steals-millions-posing-as-japanese-vcs-and-banks/
