Cybersecurity firm SentinelLabs has issued an alert about a significant threat targeting members of the crypto community who use macOS. According to its findings, the North Korean group BlueNoroff is spreading fake cryptocurrency news to trick users into downloading a multi-stage malware infection onto their Macs. The attack, which SentinelLabs calls the “Hidden Risk” campaign, has been active since early 2024.
SentinelLabs said in its report that the malware was delivered via phishing emails. The emails contained fake cryptocurrency news and appeared to be sent by legitimate influencers.
“The emails hijacked the name of a real person in an unrelated industry as the sender and claimed to be forwarding messages from well-known cryptocurrency social media influencers,” the report said.
If a targeted macOS user opens the malicious link in the email, they are redirected to a PDF hosted on the delphidigital[.]org domain, which is reportedly controlled by BlueNoroff.
“The full URL currently provides a benign form of the Bitcoin ETF file, the title of which will change over time. However, at some point this URL has been or did switch to one serving the first stage of the malicious application bundle, titled ‘Hidden Risk Behind New Surge of Bitcoin Price.app’,” the report states.
According to SentinelLabs, BlueNoroff mimics legitimate Web3 companies to build a network of infrastructure themed around cryptocurrency interests. This allows the group to target individuals involved in cryptocurrency and gather information on them for use in phishing attacks.
So far, Apple has not responded to the findings released by the cybersecurity company.
In September, the FBI reported that consumers lost more than $5.6 billion (approximately Rs. 47,029 crore) to cryptocurrency-related fraud in 2023, a 45% increase over 2022. Hacking attacks are also on the rise.
In October, cryptocurrency tracking firm Arkham Intelligence revealed that an unidentified hacker had breached a U.S. government crypto wallet containing assets seized in the 2016 Bitfinex hack. Arkham reported that around $20 million (approximately Rs. 168 crore) was stolen from the wallet.
Crypto community insiders have repeatedly warned individuals to avoid crypto-related content from unfamiliar or unverified sources.