Observes Targeted Attacks Amid FBI Warnings
Essential information
- Published: 17/09/2024 13:55
- Modified: 17/09/2024 14:59
- Tags: 2024-09-17 backdoor cryptoindustry infostealer malware northkorea rustdoor socialengineering thiefbucket
- Related entities: 8 observables, 1 intrusion sets (apt), 16 techniques (mitre), 2 malware, 2 others
Description
The report details targeted attacks observed by Jamf Threat Labs that align with FBI warnings about the Democratic People's Republic of Korea (DPRK) targeting individuals in the crypto industry through social engineering tactics for malware delivery. It outlines attack scenarios involving malicious coding challenges and techniques to install backdoor malware, steal credentials, and maintain persistence. Analysis of the malware's capabilities, updates, and command-and-control infrastructure is provided.