The Business & Technology Network
Helping Business Interpret and Use Technology

North Korean hackers BlueNoroff blamed for cyber attack on Canadian gambling firm

Tags: google social
DATE POSTED: June 26, 2025

BlueNoroff, the infamous North Korean hacking group, is utilizing deepfakes and fake Zoom calls in a cunning social engineering scheme to steal cryptocurrency. 

Posing as trusted contacts, the BlueNoroff group has tricked employees into downloading malware onto their macOS devices.

Reports from threat researchers at cybersecurity firms Huntress and Field Effect found that on at least two occasions, threat actors associated with the North Korean-linked advanced persistent threat (APT) group posed as known external contacts, contacted the employees, and asked to set up a Zoom call.

In both cases, the executives agreed.

According to cybersecurity firms Huntress and Field Effect, in two recent cases, attackers contacted employees of an unnamed Canadian online gambling provider and a crypto foundation, requesting Zoom or Google Meet calls. 

During one call, an executive was misled into running a supposed “audio repair tool” that installed malware, giving hackers system control. In another, a fake Zoom domain delivered a group call with deepfakes of senior leaders, prompting the employee to download macOS malware via a malicious link.

Consistent pattern of targeting financial institutions and companies

The researchers have intimated that the malware (once installed) enables the malicious actors to gather sensitive information from the gambling provider’s networks, including login credentials, cookies, and history.

This indicates the hackers are seeking out crypto and other assets, as well as harvestable data.

BlueNoroff, also referred to as APT38, Stardust Chollima, and BeagleBoyz, is a faction of the wider state-sponsored Lazarus Group collective. It is a crucial asset of the North Korean regime’s cybercrime operations to steal crypto, to fund its weapons programs, and to work around international sanctions.

It has been active since at least 2010.

“Focused on financial gain, the group has a consistent pattern of targeting financial institutions, the cryptocurrency ecosystem, gaming and entertainment industry, and fintech companies with primary targets in South Korea, Japan, North America, and Europe,” stated the Ottawa-based Field Effect researchers.

Image credit: Grok/X

The post North Korean hackers BlueNoroff blamed for cyber attack on Canadian gambling firm appeared first on ReadWrite.
