Close Menu
fintechbits
  • News
  • AI
  • Acquisitions
  • Trends
  • Opportunities
  • Insights
  • Rumors
  • Regulatory
  • Startups
  • Innovations

Subscribe to Updates

Get the latest news from Fintechbits.

Trending Now

AI can enhance customer experiences and services without sacrificing accuracy in banking and finance.

May 30, 2025

Collaboration with Rillet: The Financial ERP Designed for the AI Era

May 29, 2025

Five essential financial metrics you must always consider

May 29, 2025

Copenhagen-based fintech startup Grondley secures €970,000 to develop advanced financing solutions using AI technology.

May 29, 2025
Facebook X (Twitter) Instagram
Trending
  • AI can enhance customer experiences and services without sacrificing accuracy in banking and finance.
  • Collaboration with Rillet: The Financial ERP Designed for the AI Era
  • Five essential financial metrics you must always consider
  • Copenhagen-based fintech startup Grondley secures €970,000 to develop advanced financing solutions using AI technology.
  • Financial managers achieve a sixfold increase at the AI Wolters Kluwer agency.
  • Payments Postglobaux announces that Fintech Acrisure will acquire its payroll unit, Heartland Payroll Solutions, for $1.1 billion in payments.
  • Examining the Regulatory Environment for Digital Assets in the Evolving Fintech Landscape: Opportunities in the US, UK, and EU by Latham & Watkins LLP
  • Exploring Fintech, Cryptocurrency, and Online Job Opportunities in South Africa from May 29 to 30 – Cape Town FMAS: 25
Facebook X (Twitter) Instagram Pinterest Vimeo
fintechbits
  • News

    The impact of the fintech recruitment crisis on job seekers.

    May 28, 2025

    Turkish Fintech Papara Under Investigation for Potential Money Laundering Activities

    May 27, 2025

    The Fintech Agreement aims to secure lower-cost funding from Africa.

    May 26, 2025

    The CEO of Lead Bank advocates for discussing a narrative at the premier Fintech event.

    May 22, 2025

    Breaking: Jaywing purchased by London Fintech in a highly complementary deal.

    May 21, 2025
  • AI

    AI can enhance customer experiences and services without sacrificing accuracy in banking and finance.

    May 30, 2025

    Collaboration with Rillet: The Financial ERP Designed for the AI Era

    May 29, 2025

    Five essential financial metrics you must always consider

    May 29, 2025

    Financial managers achieve a sixfold increase at the AI Wolters Kluwer agency.

    May 29, 2025

    Saudi Arabia aims to leverage its financial strength to strengthen its position in the global AI industry.

    May 28, 2025
  • Acquisitions

    The HPS of Morocco plans to acquire a Fintech company by 2027, referred to as CEO – TradingView News.

    May 3, 2025

    The Challenges of Implementing Central Bank Digital Currencies (CBDCs)

    April 14, 2025

    Apex Fintech considering the purchase of Bakkt

    April 13, 2025

    The Future of Digital Wallets: Trends to Watch

    April 12, 2025

    What Is Blockchain and How Is It Used in Finance?

    April 11, 2025
  • Trends

    The $2.6 Trillion Revolution: Inside 2025’s Private Credit BoomHow a once-niche asset class is redefining modern finance

    May 21, 2025

    The Transformative Power of Generative AI in Financial Services: Innovation, Implementation, and Impact

    May 16, 2025

    Latin America’s Fintech Sector Poised to Reach 49.58 Billion USD

    May 1, 2025

    Analysis of Industry Market Size in the 2025 Fintech Market Report

    April 28, 2025

    Analysis of Trends and Key Drivers in India’s Blockchain Fintech Sector

    April 23, 2025
  • Opportunities

    Exploring Fintech, Cryptocurrency, and Online Job Opportunities in South Africa from May 29 to 30 – Cape Town FMAS: 25

    May 29, 2025

    Biannual Work in Barcelona Employment and Information Fair Returns on May 21 with 40 Organizations and Over 2,000 Participants

    May 22, 2025

    Treasury Engages in Discussions with Fintech Unicorns About Joining the London Stock Exchange

    May 20, 2025

    Top Fintech Employers of 2025

    May 15, 2025

    Governor Kelly reveals collaboration with FISERV to establish a fintech strategic hub.

    April 23, 2025
  • Insights

    Payments Postglobaux announces that Fintech Acrisure will acquire its payroll unit, Heartland Payroll Solutions, for $1.1 billion in payments.

    May 29, 2025

    RBI strengthens the rule on default loss guarantees; NBFCS will exclude coverage for original loans in Fintech

    May 28, 2025

    Fintech company Airwallex exceeds a valuation of $6 billion in its latest funding round.

    May 24, 2025

    Fintech Airwallex reaches a valuation exceeding $6 billion in its latest funding round.

    May 22, 2025

    Bath Capital guides targeted investment in Acrisure’s growth initiatives.

    May 22, 2025
  • Rumors

    Motorola Considers $4.5 Billion Investment in Wireless Radio and Other Speculations

    May 25, 2025

    404 Error – Page Unavailable on Coinspeaker

    May 22, 2025

    Brighthouse Financial executives address misleading rumors and inconsistent first-quarter figures in insurance news.

    May 16, 2025

    FortunePayoneer delayed guidelines for 2025 and sought a buyer in November.

    May 11, 2025

    Nubank refutes speculation about a fence during the surge in misinformation.

    May 7, 2025
  • Regulatory

    Examining the Regulatory Environment for Digital Assets in the Evolving Fintech Landscape: Opportunities in the US, UK, and EU by Latham & Watkins LLP

    May 29, 2025

    The FMA reveals the participants in the Sand Tips Fintech program.

    May 25, 2025

    Fintech Groww Targets 800 Million Dollar Initial Public Offering

    April 26, 2025

    Wolters Kluwer Receives the Prix Fintech Breakthrough Award 2025 for its Onesumx Solution

    April 22, 2025

    Partner in Fintech Founders launches a new Self-Regulatory Organization

    April 19, 2025
  • Startups

    Copenhagen-based fintech startup Grondley secures €970,000 to develop advanced financing solutions using AI technology.

    May 29, 2025

    Chosunbizseoul Fintech Lab hosts a successful seminar on investment opportunities for startups at Finch Hub in Seoul, targeting the Asian financial center.

    May 28, 2025

    SG Company secures a 51% stake in FinTUP Fintech K2 Capital

    May 27, 2025

    The Startup Fintech secures $7.5 million to streamline financial management for consumers and small-to-medium businesses.

    May 27, 2025

    MONEYCONTROLFLIPKART plans to recruit 5,000 employees this year amid rapid trading in fintech and the rise of AI, marking the largest hiring effort in recent years. This expansion is connected to their focus on pivotal growth markets.

    May 27, 2025
  • Innovations

    Top 10 Nations Leading in Technological Innovation by 2025

    May 22, 2025

    New Course Overview: Successful Fintech Strategies

    May 20, 2025

    How Malta’s iGaming Framework Promotes Innovation in European Fintech

    May 18, 2025

    Fintech vs. Big Banks: Who Will Win the Battle for Gen Z’s Wallet?

    May 13, 2025

    Key Innovations Transforming Careers in Fintech

    May 6, 2025
fintechbits
Home » North Korean hackers target Brazilian fintech with sophisticated phishing tactics
Jobs Market News

North Korean hackers target Brazilian fintech with sophisticated phishing tactics

4 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Reddit
North Korea.png
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link
Phishing Tactics

North Korea-linked malicious actors have been responsible for a third of all phishing activity targeting Brazil since 2020, as the country’s emergence as an influential power has attracted the attention of cyber espionage groups.

“Actors backed by the North Korean government have targeted the Brazilian government and the Brazilian aerospace, technology, and financial services sectors,” Google’s Mandiant and Threat Analysis Group (TAG) divisions said. said in a joint report released this week.

“Similar to targeting interests in other regions, cryptocurrency and fintech companies have come under particular scrutiny, and at least three North Korean groups have targeted Brazilian cryptocurrency and fintech companies.”

Among these groups is a threat actor tracked as UNC4899 (aka Jade Sleet, PUKCHONG, and TraderTraitor), which targeted cryptocurrency professionals with a trojanized Python application containing malware.

The attack chains involve contacting potential targets via social media and sending a harmless PDF document containing a job description for a supposed job opportunity at a well-known cryptocurrency company.

If the target expresses interest in the job posting, the malicious actor sends them a second, harmless PDF document containing a skills questionnaire and instructions to complete a coding task by downloading a project from GitHub.

Cybersecurity

“The project was a trojanized Python application to retrieve cryptocurrency prices that was modified to reach an attacker-controlled domain to retrieve a second-stage payload if specific conditions were met,” Mandiant and TAG researchers said.

This isn’t the first time UNC4899, which was attributed to the 2023 JumpCloud hack, has used this approach. In July 2023, GitHub warned of a social engineering attack that sought to trick employees working at blockchain, cryptocurrency, online gambling and cybersecurity companies into running code hosted in a GitHub repository using fake npm packages.

Job-targeted social engineering campaigns are a recurring theme among North Korean hacking groups, with the tech giant also spotting a campaign orchestrated by a group it tracks under the name PAEKTUSAN to distribute a C++ downloader malware called AGAMEMNON via Microsoft Word attachments embedded in phishing emails.

“In one example, PAEKTUSAN created an account impersonating a human resources manager at a Brazilian aerospace company and used it to send phishing emails to employees at a second Brazilian aerospace company,” the researchers noted, adding that the campaigns are consistent with long-standing activity tracked as Operation Dream Job.

“In a separate campaign, PAEKTUSAN posed as a recruiter for a major U.S. aerospace company and contacted professionals in Brazil and other regions via email and social media about potential job opportunities.”

Google also said it had blocked attempts by another North Korean group dubbed PRONTO to target diplomats with denuclearization- and news-related email lures to trick them into visiting credential-collection pages or providing their login information to view a purported PDF document.

The development comes weeks after Microsoft shed light on a previously undocumented North Korean threat actor named Moonstone Melted Snowwhich targeted individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and espionage attacks.

Notable tactics of Moonstone Sleet include distributing malware via counterfeit npm packages. published on the npm registrymirroring that of UNC4899. That said, the packages associated with the two clusters have distinct code styles and structures.

“The Jade Sleet packages, discovered throughout the summer of 2023, have been designed to work in pairs“each pair being published by a separate npm user account to distribute their malicious functionality,” Checkmarx researchers Tzachi Zornstein and Yehuda Gelb said. said.

Cybersecurity

“In contrast, packages released in late 2023 and early 2024 took a more streamlined, single-package approach that would execute its payload immediately after installation. During Q2 2024, the packages became more complex, with attackers adding obfuscation and also targeting Linux systems.”

Despite the differences, this tactic abuses the trust that users place in open source repositories, allowing threat actors to reach a wider audience and increasing the likelihood that one of their malicious packages could be inadvertently installed by unwitting developers.

This revelation is significant, particularly because it marks an expansion of Moonstone Sleet’s malware distribution mechanism, which previously relied on distributing fake npm packages via LinkedIn and independent websites.

The results also follow the discovery of a new social engineering campaign undertaken by groups linked to North Korea Kimsuky Group in which he impersonated the Reuters news agency to target North Korean human rights activists in order to distribute information-stealing malware under the guise of an interview request, according to Genians.

Did you find this article interesting? Follow us on Twitter  And LinkedIn to read more of the exclusive content we publish.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Exploring Fintech, Cryptocurrency, and Online Job Opportunities in South Africa from May 29 to 30 – Cape Town FMAS: 25

May 29, 2025

Biannual Work in Barcelona Employment and Information Fair Returns on May 21 with 40 Organizations and Over 2,000 Participants

May 22, 2025

Treasury Engages in Discussions with Fintech Unicorns About Joining the London Stock Exchange

May 20, 2025
Leave A Reply Cancel Reply

Latest news

AI can enhance customer experiences and services without sacrificing accuracy in banking and finance.

May 30, 2025

Collaboration with Rillet: The Financial ERP Designed for the AI Era

May 29, 2025

Five essential financial metrics you must always consider

May 29, 2025
News
  • AI in Finance (1,207)
  • Breaking News (148)
  • Corporate Acquisitions (45)
  • Corporate Acquistions (17)
  • Industry Trends (169)
  • Jobs Market News (288)
  • Market Insights (177)
  • Market Rumors (230)
  • Regulatory Updates (143)
  • Startup News (793)
  • Technology Innovations (147)
  • X Feed (1)
About US
About US

FintechBits is an blog delivering the latest news and insights in fintech, finance, and technology. We cover breaking news, market trends, innovations, and expert opinions to keep you informed about the future of finance

Facebook X (Twitter) Instagram Pinterest Reddit TikTok
News
  • AI in Finance (1,207)
  • Breaking News (148)
  • Corporate Acquisitions (45)
  • Corporate Acquistions (17)
  • Industry Trends (169)
  • Jobs Market News (288)
  • Market Insights (177)
  • Market Rumors (230)
  • Regulatory Updates (143)
  • Startup News (793)
  • Technology Innovations (147)
  • X Feed (1)
Happening Now

November 28, 2024

“ Intentionally collaborative ”: how the Rotman school of U of T leads Innovation Fintech

February 6, 2025

‘1957 Ventures’ to Drive FinTech Innovation in Saudi Arabia

September 10, 2024
  • About FintechBits
  • Advertise With us
  • Contact us
  • Disclaimer
  • Privacy Policy
  • Terms and services
  • BUY OUR EBOOK GUIDE
© 2025 Designed by Fintechbits

Type above and press Enter to search. Press Esc to cancel.