North Korea’s BlueNoroff Group Reportedly Targeting Crypto Community Members on MacOS 

SentinelLabs, a cybersecurity company, has issued a warning about a serious threat that targets macOS users in the crypto community. They discovered that the North Korean organisation BlueNoroff is tricking people into downloading a multi-storage malware infection onto their MacBooks by disseminating phoney cryptocurrency news. This attack, known as the “Hidden Risk” campaign, has been going around since the beginning of 2024. The malware can phish victims and cause possible financial losses once it is activated.

The malware is triggered via suspicious mail, SentinelLabs said in its report. These emails contain false, cryptocurrency news that appears to have been sent by a legitimate influencer

The report claims that “the emails use the name of a real person in an unrelated industry as the sender, but pretend to be forwarding a message from a well-known crypto social media influencer.”

Users who click on the malicious URL in the email are directed to a PDF hosted on the ‘delphidigital.org’ domain, which is purportedly under the control of the BlueNoroff groups.

“The complete URL currently provides a benign version of the Bitcoin ETF document with titles that vary over time. However, this URL has or does eventually shift to serving the first phase of a malicious application bundle called “Hidden Risk Behind New Surge of Bitcoin Price.app,” according to the report.

SentinelLabs claims that BlueNoroff has imitated authentic Web3 solutions by establishing a network of infrastructure centred on cryptocurrency interests. This makes it possible for the group to target cryptocurrency users and obtain their personal data for phishing attacks.

As of right now, Apple has not addressed the cybersecurity firm’s findings.

In September, the FBI reported that crypto consumers lost over $5.6 billion (roughly Rs. 47,029 crore) to cryptocurrency-related fraud in 2023, marking a 45 percent increase from 2022. The agency also observed an increase in North Korean-attributed hacks with a crypto focus.

Crypto tracking company Arkham Intelligence disclosed in October that a US government cryptocurrency wallet holding assets taken from the Bitfinex hack of 2016 had been compromised by an unidentified hacker. According to Arkham, the wallet was stolen with about $20 million (about Rs. 168 crore).

Insiders in the crypto community have cautioned people on numerous occasions not to interact with crypto-related content from unknown or unreliable sources.

Leave a Reply

Your email address will not be published. Required fields are marked *