Moonstone Sleet Strikes: North Korea’s Comedic Ransomware Plot Twist!

Moonstone Sleet, a North Korea-linked APT group, has started using Qilin ransomware in limited attacks, marking a shift from their custom ransomware. Known for targeting financial and cyberespionage victims, Moonstone Sleet now employs this ransomware developed by a RaaS operator, adding a new twist to their cyber antics.

3P
Published: March 10, 2025 12:06 pmAdded: March 10, 2025 at 5:20 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like Moonstone Sleet just got a “ransom” makeover! North Korea’s notorious cyber group decided to swipe left on their homemade cyber nasties and right on the Qilin ransomware. It’s like trading your mom’s secret meatloaf recipe for a Michelin-star meal prepared by a shady RaaS operator. What’s next, Moonstone? Maybe try a lemonade stand?

Key Points:

  • North Korea-linked APT Moonstone Sleet is now using Qilin ransomware.
  • Previously, they used custom ransomware tactics for attacks.
  • Qilin ransomware known for “double extortion” techniques.
  • Moonstone Sleet masquerades as fake companies and developers.
  • Qilin ransomware group previously targeted UK healthcare and Ukrainian Ministry of Foreign Affairs.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?