2/ ...and it just so happens that #PaloAlto released a long investigation into a newer and less well known North Korean crypto operation called "Slow Pisces" and/or "Jade Sleet" at the same time.

This time the #DRPK's crypto thieves pose as recruiters on LinkedIn and try to lure developers into doing various coding challenges hosted on #GitHub as part of a job interview. Doing a challenge leads to infection with custom Python #malware.

https://unit42.paloaltonetworks.com/slow-pisces-new-custom-malware/

#NorthKorea #LazarusGroup #crypto #cybersecurity #infosec #espionage #programming #Stellar #Metamask #NickLFranklin #SlowPisces #JadeSleet #Python #macOS #GitHub

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware

North Korean state-sponsored group Slow Pisces (Jade Sleet) targeted crypto developers with a social engineering campaign that included malicious coding challenges.

Unit 42
Microsoft Digital Defense Report 2024

The 2024 Microsoft Digital Defense Report (MDDR) addresses cyber threats and AI offering insights and guidance to help enhance security and stay ahead of risks.

"A New North Korean Group Emerges, Disrupting the Open Source Ecosystem" published by Checkmarx. #JadeSleet, #NPM, #MoonstoneSleet, #CTI, #OSINT, #LAZARUS https://checkmarx.com/blog/a-new-north-korean-group-emerges-disrupting-the-open-source-ecosystem/
A New North Korean Group Emerges, Disrupting the Open Source Ecosystem - Checkmarx.com

Moonstone Sleet, a newly identified North Korean threat actor, has entered the scene, targeting the open-source software supply chain with tactics similar to other well-known North Korean groups. 

Checkmarx.com
"Lazarus Group Launches First Open Source Supply Chain Attacks Targeting Crypto Sector" published by Checkmarx. #JadeSleet, #NPM, #CTI, #OSINT, #LAZARUS https://medium.com/checkmarx-security/lazarus-group-launches-first-open-source-supply-chain-attacks-targeting-crypto-sector-cabc626e404e
"Security alert: social engineering campaign targets technology industry employees" published by GitHub. #JadeSleet, #NPM, #CTI, #OSINT, #LAZARUS https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees/
Security alert: social engineering campaign targets technology industry employees

GitHub has identified a low-volume social engineering campaign that targets the personal accounts of employees of technology firms. No GitHub or npm systems were compromised in this campaign. We’re publishing this blog post as a warning for our customers to prevent exploitation by this threat actor.

The GitHub Blog