2024-05-28
Microsoft
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
#NPM
#ITWorker
#MoonstoneSleet
#FakePenny
#Storm-1789
#PuTTY
#Storm-1877
#DeTankWar
#DeFiTankLand
FakePenny Ransomware
#FakePenny
- Reported: 2024-05
- Locations: Worldwide
- Motivations: #FinancialGain
- Sectors: #Defense
Summary
In April 2024, Microsoft observed Moonstone Sleet delivering a new custom ransomware variant we have named FakePenny against a company it previously compromised in February. FakePenny includes a loader and an encryptor. Although North Korean threat actor groups have previously developed custom ransomware, this is the first time we have observed this threat actor deploying ransomware.