Kaspersky’s GReAT team revealed new tactics used by BlueNoroff, a subdivision of North Korea’s Lazarus Group, including campaigns GhostCall and GhostHire that leverage AI for advanced malware deployment. These operations target organizations involved in cryptocurrency, blockchain, and tech sectors across multiple continents, highlighting the increasing sophistication of cyber threats. #BlueNoroff #GhostCall #GhostHire #LazarusGroup #CyberThreats
Keypoints
- BlueNoroff, a North Korean threat actor, is using AI to develop and enhance sophisticated malware campaigns.
- The GhostCall campaign primarily targets macOS users through social engineering via fake meetings on phishing platforms.
- The GhostHire operation focuses on infiltrating developer and engineering roles with disguised malware downloads.
- Campaigns leverage a unified command infrastructure for centralized control over multiple infection chains.
- Organizations are advised to verify all unsolicited contacts, enforce strict access controls, and regularly patch systems to mitigate these advanced threats.