"North Korea-Linked APT Sapphire Sleet Targets IT Job Seekers With Bogus Skills Assessment Portals"
Sapphire Sleet, also known as APT38, BlueNoroff, CageyChameleon, and CryptoCore, is a subgroup of the Lazarus Advanced Persistent Threat (APT) group. The APT group has targeted cryptocurrency exchanges, venture capital firms, and banks. Microsoft researchers are warning of a new social engineering campaign targeting Information Technology (IT) job seekers involving fake skills assessment portals. Sapphire Sleet has previously been observed using platforms such as LinkedIn and applying lures related to skills assessment. Once communication with the victims has been established, the threat actors move it to instant messaging apps or email. Sapphire Sleet either sent weaponized attachments directly or used links to pages on legitimate sites. According to Microsoft researchers, after discovering Sapphire Sleet's tactics, the APT group switched to new attack techniques by creating its own websites. This article continues to discuss the Sapphire Sleet campaign targeting IT job seekers.
Submitted by grigby1