Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
May 29, 2024, 11:30 a.m.
Description
Microsoft has identified Moonstone Sleet, a new North Korean threat actor that employs various tactics, including creating fake companies, distributing trojanized legitimate tools, developing a malicious game, and deploying custom ransomware. This actor combines methods used by other North Korean groups with its own unique attack methodologies. Initially overlapping with Diamond Sleet, Moonstone Sleet has since established itself as a distinct, well-resourced threat actor targeting companies for financial gain and cyberespionage.
Tags: North Korea, ransomware, trojanized software, fake companies, malicious game
Date
Published: May 29, 2024, 11:12 a.m.
Created: May 29, 2024, 11:12 a.m.
Modified: May 29, 2024, 11:30 a.m.
Indicators
Attack Patterns
DeTankWar
YouieLoad
SplitLoader
FakePenny
ComeBacker
Moonstone Sleet
T1122
T1588
T1583
T1567
T1573
T1071
T1055
T1569
T1053
T1195
T1566
T1059
CVE-2023-42793
Additional Information
Aerospace
Technology
Defense
Education