North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry - #FakePenny
Microsoft has identified a new North Korean threat actor, Moonstone Sleet, that uses sophisticated tactics such as fake companies, trojanized software, malicious games, and custom ransomware to conduct cyber espionage and financial attacks. The group initially overlapped with Diamond Sleet but developed its own infrastructure and methods, and it targets sectors including software, IT, education, and defense. Moonstone Sleet relies on social engineering, including fake job listings and partnerships, to infiltrate companies and spread malware. Its recent FakePenny ransomware demanded a ransom of $6.6 million in Bitcoin. Experts recommend a multi-layered security posture to detect and respond to Moonstone Sleet's diverse and evolving tactics.