Block Fake North Korean Lazarus DeFi Game #618
Labels
Code Update 🔔
Code Update
enhancement 👍
New feature or request
In-progress
In-progress
Priority: Medium
Priority: Medium
Enhancement idea
Description
What never ceases to impress us is how much effort Lazarus APT puts into their social engineering campaigns. For several months, the attackers were building their social media presence, regularly making posts on X (formerly Twitter) from multiple accounts and promoting their game with content produced by generative AI and graphic designers.
One of the tactics used by the attackers was to contact influential figures in the cryptocurrency space to get them to promote their malicious website and most likely to also compromise them.
The attackers’ activity was not limited to X — they also used professionally designed websites with additional malware, premium accounts on LinkedIn, and spear phishing through email.
Screenshots
Links
https://securelist.com/lazarus-apt-steals-crypto-with-a-tank-game/114282/
IOC
I2P websites
n/a
IPFS websites
n/a
Tor2web websites
n/a
TOR websites
n/a
URL's
n/a
Folders
n/a
Sub-Domains
n/a
Domains
IP's
n/a
ASN's
n/a
Emails
n/a
Wallet addresses
n/a
Mining pool addresses
n/a
The text was updated successfully, but these errors were encountered: