A report from Kaspersky Labs claims that the hacking group "BlueNoroff" has stolen millions of dollars by creating over 70 fake domain names and passing them off as legitimate businesses. Most of these domain names pretended to be well-known Japanese companies, though some claimed to be American and Vietnamese businesses.
BlueNoroff Gang Explores New File Formats and Virus Distribution Techniques
According to the Kaspersky report, the BlueNoroff gang has been experimenting with new file formats and virus distribution techniques. Once installed, the malware can bypass security warnings and intercept large cryptocurrency transactions by altering the recipient's address and increasing the transfer amount beyond the threshold. In September, Kaspersky conducted a thorough investigation into the BlueNoroff gang and discovered that they were using .iso and .vhd disk image files to spread malware and new scripts.
North Korea at the Forefront of Global Crypto Crime
North Korea has been at the forefront of cryptocurrency crime globally. From May 2022 until now, North Korean hackers are believed to have stolen over $1 billion worth of cryptocurrency. The Lazarus group has also been linked to high-profile phishing scams and malware distribution campaigns.
In one case, a consumer in the United Arab Emirates was infected by the BlueNoroff group after downloading a Word document titled "Shamjit Client Details Form.doc," which allowed the hackers to remotely access the user's computer and obtain information while attempting to execute additional malware.