Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
Essential information
- Published: 29/05/2024 11:12
- Modified: 29/05/2024 11:30
- Tags: 2024-05-29, fake companies, moonstone sleet, north korea, ransomware
- Related entities: 1 vulnerability (CVE), 20 observables, 1 intrusion set (APT), 12 techniques (MITRE), 5 malware, 4 others
Description
Microsoft has identified Moonstone Sleet, a new North Korean threat actor that employs various tactics, including creating fake companies, distributing trojanized legitimate tools, developing a malicious game, and deploying custom ransomware. This actor combines methods used by other North Korean groups and unique attack methodologies. Initially overlapping with Diamond Sleet, Moonstone Sleet has since established itself as a distinct, well-resourced threat actor targeting companies for financial gain and cyberespionage.
Tags: North Korea, ransomware, trojanized software, fake companies, malicious game