BlueNoroff introduces new methods bypassing MoTW
The first new method the group adopted is aimed at evading the Mark-of-the-Web (MOTW) flag, the security measure whereby Windows displays a warning message when the user tries to open a file downloaded from the internet. ... This is a classic BlueNoroff strategy to persuade the victim to execute the malicious shortcut file to acquire the decoy document’s password.

Malware: Lazarus, BlueNoroff, APT38

[View Article](https://securelist.com/bluenoroff-methods-bypass-motw/108383/)