Crypto Heist Comedy: North Korea’s Sapphire Sleet Strikes Again!
Sapphire Sleet, a North Korea-linked threat actor, swindled over $10 million in cryptocurrency using LinkedIn profiles. These cyber masterminds posed as recruiters and venture capitalists, orchestrating social engineering scams that duped victims into downloading malware. By impersonating financial firms, they accessed credentials and crypto wallets to fund their sanction-hit nation.

Hot Take:
If LinkedIn had a “Most Creative Use of a Fake Profile” award, Sapphire Sleet would surely sweep the competition! While they’re certainly not the kind of networkers you want in your professional circle, you almost have to admire their audacity and commitment to catfishing the cryptocurrency world. Maybe next they’ll start offering “How to Scam” webinars—just be sure they’re not the ones sending the meeting link!

Key Points:
- Sapphire Sleet, a North Korea-linked threat actor, has stolen over $10 million in cryptocurrency through social engineering.
- They create fake LinkedIn profiles as recruiters or job seekers to trick targets into downloading malware.
- The group has been operational since at least 2020 and overlaps with other hacking groups like APT38 and BlueNoroff.
- They use fake skills assessment portals and venture capitalist personas to lure victims.
- North Korean IT workers use AI tools to create fake job application materials and profiles.