The BlueNoroff group, also known as Sapphire Sleet and APT38, has developed new targeting techniques aimed specifically at C-level executives in technology. Its recent campaigns, GhostCall and GhostHire, launched in April 2025, employ innovative social engineering tactics and advanced malware mechanisms. The GhostCall campaign targets macOS users by luring them into fake investment meetings on fraudulent video conferencing platforms, while GhostHire manipulates Web3 developers through false recruitment processes.
By using generative AI to create convincing materials, the group has significantly increased the effectiveness of its phishing. The campaigns show a tactical shift toward macOS and reflect the group's adaptability to the evolving technological environments of its targets. Its malware deployment, including the GillyInjector framework and various extraction techniques, reflects a sophisticated approach to compromising sensitive data such as cryptocurrency wallets and cloud tokens. The meticulous coding and encryption methods involved indicate a substantial enhancement in BlueNoroff's operational capabilities, posing serious risks to executives within the cryptocurrency sector.
👉 Read the original: Cyber Security News