Close Menu
fintechbits
  • News
  • AI
  • Acquisitions
  • Trends
  • Insights
  • Rumors
  • Startups
  • finjobsly

Subscribe to Updates

Get the latest news from Fintechbits.

Trending Now

The FRA authorizes Endtech’s expansion and the establishment of three new startups.

July 22, 2025

Finxtex Middle East 2025 offers exclusive opportunities to access fintech markets through a visit to three cities.

July 22, 2025

Trends in Fintech and Key Safety Considerations

July 22, 2025

DBS Expands Career Coaching Access in Labor Market

July 22, 2025
Facebook X (Twitter) Instagram
Trending
  • The FRA authorizes Endtech’s expansion and the establishment of three new startups.
  • Finxtex Middle East 2025 offers exclusive opportunities to access fintech markets through a visit to three cities.
  • Trends in Fintech and Key Safety Considerations
  • DBS Expands Career Coaching Access in Labor Market
  • The co-founder of Monzo and Starling is backing the British fintech company Monet.
  • The evolution of AI-driven financial content creation and its influence on investment research.
  • Fast Track Group refutes $37 million in direct supply allegations and responds to market speculation.
  • Italian fintech Toduba raises 3.5 million euros to enhance digitization in employee social protection.
Facebook X (Twitter) Instagram Pinterest Vimeo
fintechbits
  • News

    This Week in Fintech: Biweekly News Summary for June 24

    July 19, 2025

    Fintech and Global Expansion as Russia’s National Center Hosts a Major Session at SPIEF 2025 in Salt Lake City News, Weather, and Sports Updates

    July 15, 2025

    Alona Shevtsova emphasizes the importance of connection at the recent London Fintech Club event – London Business News

    July 15, 2025

    Unicorn Bank Zero represents the final achievement of his fintech journey.

    July 9, 2025

    Fintech Company Pine Labs Submits Documents to SEBI for IPO Fundraising

    July 4, 2025
  • AI

    The evolution of AI-driven financial content creation and its influence on investment research.

    July 22, 2025

    How AI Developments will Transform Global Financial Services

    July 21, 2025

    Sounds, Explosions, and Hazardous Zones in Safety

    July 21, 2025

    Cetera introduces a new AI platform for financial advisors.

    July 20, 2025

    More Canadians are utilizing AI for financial planning: What to watch for with Forexperts, as generative AI is beneficial if you have foundational knowledge, but chatbots may miss important nuances.

    July 20, 2025
  • Acquisitions

    African fintech leaders are shaping the industry through worldwide acquisitions.

    June 30, 2025

    Acrisure obtains significant funding to enhance its fintech strategy.

    June 14, 2025

    $200 million IPO SPAC aims for acquisitions in fintech and AI sectors.

    June 1, 2025

    Wealthsimple hires multiple teams to enhance family financial management.

    May 31, 2025

    The HPS of Morocco plans to acquire a Fintech company by 2027, referred to as CEO – TradingView News.

    May 3, 2025
  • Trends

    Trends in Fintech and Key Safety Considerations

    July 22, 2025

    Market size, share, trends, and business profiles in the Fintech industry

    July 10, 2025

    Overview of the FINCH 2025 Market and Participant Profiles

    July 5, 2025

    Key Trends and Focus Areas in Fintech Payments for 2025

    June 22, 2025

    Overview of the Singapore Fintech Market: Market Size, Trends, and Growth Potential

    June 18, 2025
  • Insights

    ICAPITAL Fintech Achieves a Valuation Exceeding $7.5 Billion in Recent Fundraising Amid Surge in Private Markets

    July 10, 2025

    Alphalésaka Technologies: The Potential Transformative Impact of Recent Fintech Acquisition

    July 9, 2025

    Surge Continuation Funds in Europe Prepared for the 2025 Records – Fintech Schweiz Digital Finance News

    July 7, 2025

    Schaeffer Investment Research Scholarships Break Through Significant Resistance Levels

    June 27, 2025

    Finance Magnates Reports: XBO Designated as Top Cryptocurrency Payment Gateway. XBO’s core principles of trust and simplicity align with cutting-edge solutions, providing customers access to an award-winning crypto payment option. 16 hours ago

    June 26, 2025
  • Rumors

    Fast Track Group refutes $37 million in direct supply allegations and responds to market speculation.

    July 21, 2025

    Pro-Ripple attorney addresses XRP and Circle speculation on TradingView News

    July 19, 2025

    Exploring the Enigmatic Surge of 7.5% in Semiconductors: An In-Depth Technical Analysis

    July 18, 2025

    The dollar is affected by speculation about Powell in the markets.

    July 17, 2025

    Tesla has announced that the new six-seat YL model will launch in China later this year.

    July 17, 2025
  • Startups

    The FRA authorizes Endtech’s expansion and the establishment of three new startups.

    July 22, 2025

    Finxtex Middle East 2025 offers exclusive opportunities to access fintech markets through a visit to three cities.

    July 22, 2025

    The co-founder of Monzo and Starling is backing the British fintech company Monet.

    July 22, 2025

    Italian fintech Toduba raises 3.5 million euros to enhance digitization in employee social protection.

    July 21, 2025

    Israeli insurer Wesure combines with Fintech House

    July 19, 2025
  • finjobsly
fintechbits
Home » North Korean hackers target Brazilian fintech with sophisticated phishing tactics
Jobs Market News

North Korean hackers target Brazilian fintech with sophisticated phishing tactics

4 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Reddit
North Korea.png
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link
Phishing Tactics

North Korea-linked malicious actors have been responsible for a third of all phishing activity targeting Brazil since 2020, as the country’s emergence as an influential power has attracted the attention of cyber espionage groups.

“Actors backed by the North Korean government have targeted the Brazilian government and the Brazilian aerospace, technology, and financial services sectors,” Google’s Mandiant and Threat Analysis Group (TAG) divisions said. said in a joint report released this week.

“Similar to targeting interests in other regions, cryptocurrency and fintech companies have come under particular scrutiny, and at least three North Korean groups have targeted Brazilian cryptocurrency and fintech companies.”

Among these groups is a threat actor tracked as UNC4899 (aka Jade Sleet, PUKCHONG, and TraderTraitor), which targeted cryptocurrency professionals with a trojanized Python application containing malware.

The attack chains involve contacting potential targets via social media and sending a harmless PDF document containing a job description for a supposed job opportunity at a well-known cryptocurrency company.

If the target expresses interest in the job posting, the malicious actor sends them a second, harmless PDF document containing a skills questionnaire and instructions to complete a coding task by downloading a project from GitHub.

Cybersecurity

“The project was a trojanized Python application to retrieve cryptocurrency prices that was modified to reach an attacker-controlled domain to retrieve a second-stage payload if specific conditions were met,” Mandiant and TAG researchers said.

This isn’t the first time UNC4899, which was attributed to the 2023 JumpCloud hack, has used this approach. In July 2023, GitHub warned of a social engineering attack that sought to trick employees working at blockchain, cryptocurrency, online gambling and cybersecurity companies into running code hosted in a GitHub repository using fake npm packages.

Job-targeted social engineering campaigns are a recurring theme among North Korean hacking groups, with the tech giant also spotting a campaign orchestrated by a group it tracks under the name PAEKTUSAN to distribute a C++ downloader malware called AGAMEMNON via Microsoft Word attachments embedded in phishing emails.

“In one example, PAEKTUSAN created an account impersonating a human resources manager at a Brazilian aerospace company and used it to send phishing emails to employees at a second Brazilian aerospace company,” the researchers noted, adding that the campaigns are consistent with long-standing activity tracked as Operation Dream Job.

“In a separate campaign, PAEKTUSAN posed as a recruiter for a major U.S. aerospace company and contacted professionals in Brazil and other regions via email and social media about potential job opportunities.”

Google also said it had blocked attempts by another North Korean group dubbed PRONTO to target diplomats with denuclearization- and news-related email lures to trick them into visiting credential-collection pages or providing their login information to view a purported PDF document.

The development comes weeks after Microsoft shed light on a previously undocumented North Korean threat actor named Moonstone Melted Snowwhich targeted individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and espionage attacks.

Notable tactics of Moonstone Sleet include distributing malware via counterfeit npm packages. published on the npm registrymirroring that of UNC4899. That said, the packages associated with the two clusters have distinct code styles and structures.

“The Jade Sleet packages, discovered throughout the summer of 2023, have been designed to work in pairs“each pair being published by a separate npm user account to distribute their malicious functionality,” Checkmarx researchers Tzachi Zornstein and Yehuda Gelb said. said.

Cybersecurity

“In contrast, packages released in late 2023 and early 2024 took a more streamlined, single-package approach that would execute its payload immediately after installation. During Q2 2024, the packages became more complex, with attackers adding obfuscation and also targeting Linux systems.”

Despite the differences, this tactic abuses the trust that users place in open source repositories, allowing threat actors to reach a wider audience and increasing the likelihood that one of their malicious packages could be inadvertently installed by unwitting developers.

This revelation is significant, particularly because it marks an expansion of Moonstone Sleet’s malware distribution mechanism, which previously relied on distributing fake npm packages via LinkedIn and independent websites.

The results also follow the discovery of a new social engineering campaign undertaken by groups linked to North Korea Kimsuky Group in which he impersonated the Reuters news agency to target North Korean human rights activists in order to distribute information-stealing malware under the guise of an interview request, according to Genians.

Did you find this article interesting? Follow us on Twitter  And LinkedIn to read more of the exclusive content we publish.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

DBS Expands Career Coaching Access in Labor Market

July 22, 2025

UCF is readying the future workforce through its Fintech program.

July 17, 2025

Are you considering a finance career in London? Compliance and risk management are key areas according to Finch – TradingView News

July 15, 2025
Leave A Reply Cancel Reply

Latest news

The FRA authorizes Endtech’s expansion and the establishment of three new startups.

July 22, 2025

Finxtex Middle East 2025 offers exclusive opportunities to access fintech markets through a visit to three cities.

July 22, 2025

Trends in Fintech and Key Safety Considerations

July 22, 2025
News
  • AI in Finance (1,388)
  • Breaking News (158)
  • Corporate Acquisitions (65)
  • Industry Trends (179)
  • Jobs Market News (293)
  • Market Insights (191)
  • Market Rumors (253)
  • Regulatory Updates (151)
  • Startup News (930)
  • Technology Innovations (155)
  • X Feed (1)
About US
About US

FintechBits is a blog delivering the latest news and insights in fintech, finance, and technology. We cover breaking news, market trends, innovations, and expert opinions to keep you informed about the future of finance

Facebook X (Twitter) Instagram Pinterest Reddit TikTok
News
  • AI in Finance (1,388)
  • Breaking News (158)
  • Corporate Acquisitions (65)
  • Industry Trends (179)
  • Jobs Market News (293)
  • Market Insights (191)
  • Market Rumors (253)
  • Regulatory Updates (151)
  • Startup News (930)
  • Technology Innovations (155)
  • X Feed (1)
Happening Now

November 28, 2024

“ Intentionally collaborative ”: how the Rotman school of U of T leads Innovation Fintech

February 6, 2025

‘1957 Ventures’ to Drive FinTech Innovation in Saudi Arabia

September 10, 2024
  • About FintechBits
  • Advertise With us
  • Contact us
  • Disclaimer
  • Privacy Policy
  • Terms and services
  • BUY OUR EBOOK GUIDE
© 2025 Designed by Fintechbits

Type above and press Enter to search. Press Esc to cancel.