Nation-state | Apr 28, 2026
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
BlueNoroff uses AI-generated avatars and fake Zoom calls to lure crypto executives into malware attacks.
Summary
North Korean threat group BlueNoroff is conducting sophisticated social engineering campaigns leveraging stolen victim videos, AI-generated avatars, and fraudulent Zoom calls to compromise cryptocurrency executives. The group uses deepfakes and impersonation to establish trust before delivering malware payloads, demonstrating an escalation in targeting precision and technical sophistication.
Indicators of Compromise
- malware — BlueNoroff
Entities
- BlueNoroff (threat_actor)
- Zoom (technology)
- AI-generated avatars / Deepfakes (technology)