Skip to main content

North Korean hacking outfit impersonates venture capital firms

posted onDecember 28, 2022
by l33tdawg
SC Magazine
Credit: SC Magazine

A financially-motivated hacking group tied to North Korea has been impersonating venture capital firms in Japan, the United States and other countries in an effort to spearphish startup employees and related businesses, according to new research.

In a report released Tuesday, security researchers at Kaspersky said the group - tracked as “BlueNoroff” by Kaspersky and “HiddenCobra” by others - registered at least 70 web domains over the last year mimicking the websites of real venture capital firms in Japan and other financial institutions. The sites function as phishing lures to deliver malware and Kaspersky believes that start up employees are among the targeted victims, as several decoy documents were crafted to look like job offers.

“The actor usually used fake domains such as cloud hosting services for hosting malicious documents or payloads. They also created fake domains disguised as legitimate companies in the financial industry and investment companies,” wrote Seongsu Park, lead security researcher at Kaspersky. The group appears primarily interested in Japanese businesses, targeting local venture capital firms like Beyond Next Ventures, Z Venture Capital and ABF Capital. They also impersonated a Taiwanese venture capital fund as well as financial institutions like Bank of America, the Sumitomo Mitsui Banking Corporation and the Mitsubishi UFJ Financial Group.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th