Dark Web Profile: Moonstone Sleet - #FakePenny
Moonstone Sleet, a North Korean APT group previously known as Storm-1789, has been identified by Microsoft and other cybersecurity experts as a sophisticated threat actor conducting cyber espionage and financial theft operations. This group employs a range of tactics, including social engineering, trojanized software, malicious games, and custom ransomware named FakePenny, which demands substantial ransoms. Moonstone Sleet sets up fake companies, posts fraudulent job listings, and uses platforms like LinkedIn to lure victims, while also targeting supply chains with malicious npm packages. The group has developed its own attack infrastructure, which distinguishes its operations from those of other North Korean groups like Diamond Sleet. Cybersecurity professionals recommend a comprehensive security posture, including endpoint protection, threat hunting, and multi-layered defenses, to mitigate the threats posed by Moonstone Sleet.