#bluenoroff — Public Fediverse posts

BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector - Arctic Wolf

What do you need to know about security operations and response to cyber attacks and breaches at a global scale, and how can you get them back on track in less than a week? Â

Pulse ID: 69f1d32e6b8143fd0e42df04
Pulse Link: https://otx.alienvault.com/pulse/69f1d32e6b8143fd0e42df04
Pulse Author: Tr1sa111
Created: 2026-04-29 09:45:18

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlueNoroff #CyberAttack #CyberAttacks #CyberSecurity #InfoSec #OTX #OpenThreatExchange #PowerShell #RAT #Web3 #Zoom #bot #Tr1sa111

BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web3 Sector
#BlueNoroff
https://arcticwolf.com/resources/blog/bluenoroff-uses-clickfix-fileless-powershell-and-ai-generated-zoom-meetings-to-target-web3-sector/

Crypto-Targeting North Koreans Wield Fake Zoom Meetings https://www.byteseu.com/1970418/ #APT38 #BlueNoroff #CageyChameleon #Conflicts #cybersecurity #DPRK #InformationSecurity #LazarusGroup #NickelGladstone #NorthKorea #Pyongyang #SapphireSleet #StardustChollima #TA444

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
#BlueNoroff #ZoomClutch #DownTroy #CosmicDoor #RooTroy #RealTimeTroy #TripleWatch #SilentSiphon #SneakMain
https://securelist.com/bluenoroff-apt-campaigns-ghostcall-and-ghosthire/117842/

BlueNoroff Shifts Tactics: Targets C-Suite and Managers with New Infiltration Methods https://gbhackers.com/bluenoroff-shifts-tactics/ #CyberSecurityNews #cybersecurity #BlueNoroff

North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting https://www.securityweek.com/north-korean-hackers-take-over-victims-systems-using-zoom-meeting/ #Malware&Threats #cryptocurrency #NationState #ZoomMeeting #Cybercrime #BlueNoroff #NorthKorea #DPRK #Zoom

North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting https://www.securityweek.com/north-korean-hackers-take-over-victims-systems-using-zoom-meeting/ #Malware&Threats #cryptocurrency #NationState #ZoomMeeting #Cybercrime #BlueNoroff #NorthKorea #DPRK #Zoom

BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with macOS Backdoor Malware – Source:thehackernews.com https://ciso2ciso.com/bluenoroff-deepfake-zoom-scam-hits-crypto-employee-with-macos-backdoor-malware-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #BlueNoroff

North Korean hacker BlueNoroff targets crypto firms with new malware - According to cybersecurity firm Recorded Future, North Korean hacker gro... - https://cointelegraph.com/news/north-korean-hacker-blue-noroff-targets-crypto-firms-new-malware #northkoreanhackers #cybersecurity #lazarusgroup #northkorea #bluenoroff #cybercrime #exploits #phishing #hacks #dprk

📬 MacOS unter Beschuss: Krypto-Diebe tarnen bösartige App als PDF
#ITSicherheit #Krypto #Bitcoin #BlueNoroff #Cybercrime #KryptoDiebe #LazarusHacker #macOS https://sc.tarnkappe.info/a68e9b

North Korean Hackers Target macOS Users – Source: www.securityweek.com https://ciso2ciso.com/north-korean-hackers-target-macos-users-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #securityweekcom #cryptocurrency #securityweek #NationState #BlueNoroff #NorthKorea #FEATURED #Lazarus #macOS

North Korean Hackers Use Fake News to Spread ‘Hidden Risk’ Malware – Source:hackread.com https://ciso2ciso.com/north-korean-hackers-use-fake-news-to-spread-hidden-risk-malware-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Cryptocurrency #CyberAttacks #CyberAttack #Blockchain #BlueNoroff #CyberCrime #NorthKorea #Hackread #security #Lazarus #malware #DeFi #Scam

North Korean Hackers Target macOS Users with Fake Crypto PDFs https://www.securityweek.com/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs/ #Malware&Threats #cryptocurrency #NationState #BlueNoroff #NorthKorea #Lazarus #macOS

North Korean Hackers Target macOS Users with Fake Crypto PDFs https://www.securityweek.com/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs/ #Malware&Threats #cryptocurrency #NationState #BlueNoroff #NorthKorea #Lazarus #macOS

North Korean Hackers Use Fake News to Spread ‘Hidden Risk’ Malware https://hackread.com/north-korean-hackers-crypto-fake-news-hidden-risk-malware/ #Cryptocurrency #CyberAttacks #CyberAttack #Blockchain #BlueNoroff #CyberCrime #NorthKorea #Security #Malware #Lazarus #DeFi #Scam

The Crypto Game of Lazarus APT: Investors vs. Zero-days – Source: securelist.com https://ciso2ciso.com/the-crypto-game-of-lazarus-apt-investors-vs-zero-days-source-securelist-com/ #Vulnerabilitiesandexploits #rssfeedpostgeneratorecho #zerodayvulnerabilities #APT(Targetedattacks) #MalwareDescriptions #CyberSecurityNews #Financialthreats #securelistcom #GoogleChrome #OnlineGames #BlueNoroff #JavaScript #Microsoft #Lazarus #APT #SAS

TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App https://hackread.com/todoswift-malware-macos-disguised-bitcoin-pdf-app/ #Cybersecurity #BlueNoroff #TodoSwift #Security #Malware #Bitcoin #Apple #macOS #PDF

Calendar Meeting Links Used to Spread Mac Malware https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ #ALittleSunshine #LatestWarnings #RecordedFuture #KasperskyLabs #LazarusGroup #WebFraud2.0 #BlueNoroff #Macmalware #X-Protect #Hunt.io

ObjCShellz, as the name suggests, is written in Objective-C and serves as a basic remote shell that executes commands sent by the attacker’s server.

#Cybersecurity #macOS #Cyberattack #Apple #NorthKorea #Malware #BlueNoroff

https://cybersec84.wordpress.com/2023/11/07/north-korean-hackers-target-macos-with-new-objcshellz-malware/

[IOC] A new list of 6 indicators was added for BlueNoroff https://vuldb.com/?actor.bluenoroff #bluenoroff #apt #cti #ioc

This is a #new #vector for N. Korean #hackers. Bypassing the #Windows #MotW protections is a big deal. This is the feature that forces you to "Enable Editing" when you recieve an #Office document via email. If that's disabled, then macros can run without the users knowledge upon Open, and then you're fucked! The attackers can drop whatever payload they want, and do whatever they want with your data at that point.

#BlueNoroff, a subcluster of the notorious #LazarusGroup, has been observed adopting new #techniques into its playbook that enable it to bypass #Windows Mark of the Web (#MotW) protections. https://thehackernews.com/2022/12/bluenoroff-apt-hackers-using-new-ways.html

Kaspersky Report: North Korean Hackers Impersonating Crypto VCs in New Phishing Scam - BlueNoroff, a subgroup of the North Korean state-sponsored hacking group Lazarus, is now ... - https://cryptonews.com/news/kaspersky-report-north-korean-hackers-impersonating-crypto-vcs-new-phishing-scam.htm #blockchainnews #bluenoroff #northkorea #hackers #hack