Bitcoin startups around the world attacked by BlueNoroff hackers

hack_b-min (1)
hack_b-min (1)

In autumn, Kaspersky Lab experts discovered targeted attack BlueNoroff cybergroups to venture capital funds, startups and banks working with cryptocurrencies around the world. This was reported to CryptoNewsHerald by representatives of the company.

Hackers created 70 fake domains masquerading as well-known venture funds and banks in Japan, the US, Vietnam and the UAE. Attackers are also experimenting with new file types — Visual Basic Script, Windows Batch, and Windows executable files — to inject malware.

Infection of systems, as a rule, occurs by sending documents supposedly containing a contract from the client. The malware allows hackers to control the system and plan to steal cryptocurrencies.

At the time of the transaction by the victim, the funds are transferred to the hacker’s wallet. Due to BlueNoroff’s ability to increase transfer limits, the stolen amount may be higher.

Hackers have learned to bypass the Mark-of-the-Web feature that warns users about opening downloaded files and launches them in protected mode. To do this, they inject malware into images and ISO-files.

Kaspersky Lab warns that in 2023, BlueNoroff is capable of launching a large-scale cyber epidemic that surpasses WannaCry.

CryptoNewsHerald previously reported that users of hundreds of banking apps, cryptocurrency wallets, and bitcoin exchanges have been victims of the Godfather mobile banking Trojan for Android.

Read CryptoNewsHerald bitcoin news in our Telegram – Cryptocurrency news, courses and analytics.

Found a mistake in the text? Select it and press CTRL+ENTER

Comments (No)

Leave a Reply