A new cyberattack campaign has been discovered involving BlueNoroff, which is known for targeting financial systems. In this case, the group is focusing on people working in the cryptocurrency industry. The attackers are using fake online meetings to trick victims into trusting them. These meetings appear to be real business discussions. However, everything is actually controlled by the hackers behind the scenes.
The attackers usually start by sending meeting invitations through email or messaging apps. These invites often look very professional and well-planned. In many cases, they even use scheduling tools to make the meeting seem legitimate. Once the target receives the invite, nothing appears suspicious at first. This increases the chances that the victim will accept and join the meeting.
When the victim clicks on the meeting link, they are redirected to a fake website that looks like Zoom. The interface is designed in such a way that it closely matches the real platform. Because of this, most users cannot easily identify that it is fake. The login or joining process feels completely normal. This is where the attackers begin to gain the victim’s trust.
After joining the meeting, the victim sees multiple participants already present in the call. These participants look like real professionals, such as investors or company representatives. In reality, they are created using stolen videos or AI-generated avatars. The combination of real and fake visuals makes the meeting look convincing. This step is important because it builds confidence in the victim.
During the meeting, the attackers try to get the victim to take certain actions. They may ask the victim to install software or allow access to their camera and microphone. Once these permissions are granted, the attackers can start collecting sensitive data. In some cases, malware is installed silently in the system. At the same time, the victim’s video feed may also be recorded.
One of the most dangerous aspects of this attack is how it continues to spread. The attackers reuse the recorded videos of previous victims in future meetings. These real videos are shown to new targets to make the calls look even more genuine. Because the faces belong to real people, trust increases quickly. This creates a chain effect where each victim helps in targeting the next one.
The campaign mainly targets cryptocurrency professionals like founders, executives, and investors. Reports indicate that around 100 individuals have already been identified in this operation. A large number of them are connected to crypto-related businesses. These individuals are chosen because they have access to valuable digital assets. This makes them highly attractive targets for attackers.
Artificial Intelligence plays a key role in making this attack successful and scalable. It helps in creating realistic avatars and improving the quality of fake interactions. This makes the attack much more advanced than traditional phishing methods. Instead of simple emails, attackers now create full interactive environments. This shows that cyber threats are becoming more sophisticated and harder to detect.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
