"An exploratory analysis of the DPRK cyber threat landscape using publicly available reports" published by lazarusholic. #Andariel, #BlueNoroff, #Kimsuky, #Konni, #Lazarus, #ScarCruft, #DPRK, #CTI https://link.springer.com/article/10.1007/s10207-025-00980-x

"'JustJoin' Landing Page Linked to Suspected DPRK Activity Resurfaces" published by Hunt.io. #BlueNoroff, #DPRK, #CTI https://hunt.io/blog/justjoin-landing-page-linked-to-suspected-dprk-activity-resurfaces

"Analysis of BlueNoroff Hidden Risk Indicators!" published by TLP_R3D. #BlueNoroff, #HiddenRisk, #DPRK, #CTI https://www.youtube.com/watch?v=nfuomTmUgBU

#NorthKorean threat actor #BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems. #malware #cyberattacks https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-macos-malware-against-crypto-firms/

📬 MacOS unter Beschuss: Krypto-Diebe tarnen bösartige App als PDF
#ITSicherheit #Krypto #Bitcoin #BlueNoroff #Cybercrime #KryptoDiebe #LazarusHacker #macOS https://sc.tarnkappe.info/a68e9b

"BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence" published by SentinelOne. #BlueNoroff, #HiddenRisk, #macOS, #DPRK, #CTI https://www.sentinelone.com/labs/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence/

#DPRK-linked #BlueNoroff used #macOS #malware with novel persistence
https://securityaffairs.com/170659/malware/bluenoroff-apt-macos-malware.html
#securityaffairs #hacking

"Lazarus APT steals cryptocurrency and user data via a decoy MOBA game" published by Kaspersky. #CVE-2024-4947, #DeFiTankLand, #Lazarus, #Manuscrypt, #BlueNoroff, #DPRK, #CTI https://securelist.com/lazarus-apt-steals-crypto-with-a-tank-game/114282/

TodoSwift Disguises Malware Download Behind Bitcoin PDF
#TodoSwift #BlueNoroff
https://www.kandji.io/blog/todoswift-disguises-malware-download-behind-bitcoin-pdf

"TodoSwift Disguises Malware Download Behind Bitcoin PDF" published by Kandji. #BlueNoroff, #macOS, #KANDYKORN, #DPRK, #CTI https://www.kandji.io/blog/todoswift-disguises-malware-download-behind-bitcoin-pdf

Back with analysis of a late 2023 BlueNorOff MacOS sample. This was a great sample to understand some of the API calls malware leverages to extract information and send back to C2. https://polaryse.github.io/posts/bluenoroff-malware/
#macos #macmalware #ARM #YARA #Ghidra #reverseengineering #malware #APT #bluenoroff #lazarusgroup

"Phishing by Appointment: Suspected North Korean Hackers Target Blockchain Community Via Telegram" published by Hunt. #Phishing, #BlueNoroff, #CTI, #OSINT, #LAZARUS https://hunt.io/blog/suspected-north-korean-hackers-target-blockchain-community-via-telegram

Calendar Meeting Links Used to Spread Mac Malware

https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/

#ALittleSunshine #LatestWarnings #RecordedFuture #KasperskyLabs #LazarusGroup #WebFraud2.0 #ChrisUeland #BlueNoroff #Macmalware #X-Protect #Hunt.io

Calendar Meeting Links Used to Spread Mac Malware https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ #ALittleSunshine #LatestWarnings #RecordedFuture #KasperskyLabs #LazarusGroup #WebFraud2.0 #BlueNoroff #Macmalware #X-Protect #Hunt.io

Calendar Meeting Links Used to Spread Mac Malware - Malicious hackers are targeting people in the cryptocurrency space in attacks that... https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ #alittlesunshine #latestwarnings #recordedfuture #kasperskylabs #lazarusgroup #webfraud2.0 #bluenoroff #macmalware #x-protect #hunt.io

"Analyzing DPRK's SpectralBlur" published by Objecive-see. #SpectralBlur, #BlueNoroff, #macOS, #CTI, #OSINT, #LAZARUS https://objective-see.org/blog/blog_0x78.html

"New BlueNoroff loader for macOS" published by Kaspersky. #RustBucket, #BlueNoroff, #macOS, #CTI, #OSINT, #LAZARUS

https://securelist.com/bluenoroff-new-macos-malware/111290/

"New BlueNoroff loader for macOS" published by Kaspersky. #RustBucket, #BlueNoroff, #macOS, #CTI, #OSINT, #LAZARUS https://securelist.com/bluenoroff-new-macos-malware/111290/

"DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads" published by SentinelOne. #RustBucket, #BlueNoroff, #macOS, #KandyKorn, #CTI, #OSINT, #LAZARUS https://www.sentinelone.com/blog/dprk-crypto-theft-macos-rustbucket-droppers-pivot-to-deliver-kandykorn-payloads/

"북한 라자루스(Lazarus) 산하 BlueNorOff(블루노로프) 만든 맥OS 악성코드-ProcessRequest(2023.11.7)" published by Sakai. #BlueNoroff, #macOS, #CTI, #OSINT, #LAZARUS https://wezard4u.tistory.com/6654