Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

May 29, 2024, 11:30 a.m.

Description

Microsoft has identified Moonstone Sleet, a new North Korean threat actor that employs various tactics, including creating fake companies, distributing trojanized legitimate tools, developing a malicious game, and deploying custom ransomware. The actor combines methods used by other North Korean groups with unique attack methodologies of its own. Although it initially overlapped with Diamond Sleet, Moonstone Sleet has since established itself as a distinct, well-resourced threat actor that targets companies for financial gain and cyberespionage.

Tags: North Korea, ransomware, trojanized software, fake companies, malicious game

Date

Published: May 29, 2024, 11:12 a.m.

Created: May 29, 2024, 11:12 a.m.

Modified: May 29, 2024, 11:30 a.m.

Indicators

Attack Patterns

DeTankWar

YouieLoad

SplitLoader

FakePenny

ComeBacker

Moonstone Sleet

T1122

T1588

T1583

T1567

T1573

T1071

T1055

T1569

T1053

T1195

T1566

T1059

CVE-2023-42793

Additional Information

Aerospace

Technology

Defense

Education