Advisory on DPRK (UNC1069) Fake Microsoft Teams and Zoom calls
Contents
From February 6th, 2026, to April 7th, 2026, the Security Alliance (SEAL) has tracked and implemented a wallet-level block via eth-phishing-detect for 164 domains associated with the Democratic People's Republic of Korea (DPRK) threat actor group, designated as UNC1069. In light of recent incidents, such as the compromise of the "axios" npm package utilizing attack vectors consistent with UNC1069 - a group primarily targeting the cryptocurrency sector - SEAL is publishing a comprehensive list of DPRK-operated domains utilized in sophisticated social engineering attacks involving fraudulent Microsoft Teams and Zoom meetings.
The complete list of Indicators of Compromise (IOCs) is appended at the end of this document. This advisory also details the currently active Tactics, Techniques, and Procedures (TTPs) deployed by the attackers to facilitate malicious payload delivery and execution.
Key Takeaways
- From February 6th, 2026 to April 7th, 2026,, SEAL has attributed 164 blocked domains to UNC1069 (BlueNoroff), a DPRK-nexus threat actor …
The complete list of Indicators of Compromise (IOCs) is appended at the end of this document. This advisory also details the currently active Tactics, Techniques, and Procedures (TTPs) deployed by the attackers to facilitate malicious payload delivery and execution.
Key Takeaways
- From February 6th, 2026 to April 7th, 2026,, SEAL has attributed 164 blocked domains to UNC1069 (BlueNoroff), a DPRK-nexus threat actor …
IoC
http://uswebob.com
http://ue02web.us
http://172.86.91.195
http://68.65.123.114
http://microc.click
http://us06websoom.us
http://us0lwebzoom.us
http://un01web.us
http://usa04webzoom.us
http://148.72.73.98
http://use05webzoom.us
http://69.57.162.186
http://onreallive.com
http://ue01web.us
http://162.255.119.45
http://188.227.197.32
http://usweb0b.us
http://uc01web.us
http://reallivecall.us1
http://ms-teams.live
http://uswe05.us
http://livesmeets.us1
http://84.32.84.157
http://uc05websoom.us
http://192.64.119.249
http://162.255.119.184
http://198.54.116.166
http://198.187.29.26
http://198.54.115.40
http://microcoll.com1
http://liuesus.com
http://microshlop.com
http://microscalls.com1
http://live-meet.online2
http://nicrosolt.com1
http://uc02web.us
http://68.65.123.178
http://microshen.com1
http://teamsiiwe.com
http://ms-teams.xyz
http://microsall.com1
http://68.65.121.248
http://livescall.us
http://192.64.119.29
http://us05websoom.us
http://livesmeet.us1
http://os-live.online
http://uz04web.us
http://usobweb.us
http://microsomeet.com
http://microsmeet.com
http://68.65.121.187
http://liues.us
http://132.148.217.168
http://uz06web.us
http://uco5webzoom.us
http://162.255.119.35
http://dencall.xyz
http://198.54.116.214
http://162.255.119.192
http://162.255.119.95
http://84.32.84.32
http://oneasu.com
http://uso06webzoom.us
http://livehuddle01.us
http://teemsliivc.com
http://mslivecall.us
http://192.64.119.22
http://ms-meets.us.com
http://184.94.213.200
http://microcal1.com
http://162.213.255.41
http://microe.click
http://192.64.119.144
http://linelive.us
http://68.65.123.50
http://68.65.122.242
http://66.29.153.159
http://162.255.119.134
http://ms-teams.us.com
http://microsslcheck.com
http://premuims.live
http://uk05live.us
http://microselt.com1
http://ux01web.us
http://198.54.114.236
http://uc02websoom.us
http://ww-live.online
http://onlivecall.com
http://199.188.205.45
http://uc06web.us
http://web05us.online
http://198.54.115.166
http://teams-us.live
http://micrlive.online
http://us05webxoom.us
http://ux03web.us
http://192.64.119.5
http://uz01web.us
http://micrusoft.us
http://nicrosofm.com
http://uco6webzoom.us
http://68.65.123.168
http://msteamcall.com
http://liue.us
http://us05web.site
http://ucweb05.us
http://uz03web.us
http://micromeet.us
http://os-live.xyz
http://lievec.com
http://liivoe.com
http://inmsed.com
http://68.65.121.250
http://teamsliveo.com
http://annaelsa.xyz
http://uc04web.us
http://ms-meets.xyz
http://23.254.167.21
http://162.0.215.196
http://66.29.153.158
http://91.195.240.123
http://microsdb.com1
http://teamslivc.com
http://68.65.122.191
http://micstmeet.com
http://ww-live.us
http://162.255.119.153
http://msmeet.us
http://ms-meeting.us
http://micror.click
http://microcall.us
http://olafsven.xyz
http://teamsliwe.com
http://us05webszoom.us
http://onlivemeet.com1
http://mslivecall.com
http://192.64.119.88
http://teamslivex.com
http://nisrosodf.com1
http://www-live.us
http://192.64.119.220
http://uc03web.us
http://usa06webzoom.us
http://141.136.43.165
http://msquickcall.com1
http://ms-live.team
http://ue03web.us
http://68.65.123.75
http://67.223.118.42
http://69.57.162.193
http://66.29.141.6
http://162.255.119.204
http://68.65.121.244
http://uae04webzoom.us
http://ms-live.site12
http://us03live.com
http://64.187.97.203
http://microg.click
http://uo05web.us
http://192.64.119.40
http://uswebob.us
http://renaworkshard.xyz
http://onmsed.com
http://teemslivo.com
http://us03websoom.us
http://os-live.com2
http://66.29.141.223
http://68.65.123.193
http://ueo4webzoom.us
http://teamsync.live
http://microscell.com2
http://162.255.119.19
http://microcodf.com
http://162.255.119.223
http://microsall.com
http://uso04webzoom.us
http://teamslivos.com
http://67.223.118.116
http://us07web.me
http://68.65.123.117
http://192.64.119.167
http://usweb0l.us
http://ww-live.xyz
http://198.54.120.79
http://livescall.xyz
http://microszlt.com
http://ux02web.us
http://join-uk.com
http://web-meet.live
http://uso05webzoom.us
http://microp.click
http://uco4webzoom.us
http://www-live.xyz
http://ue06web.us
http://83.136.210.87
http://outms.com
http://uo01web.us
http://us02websoom.us
http://microh.click
http://microt.click
http://microsout.com
http://nicrosolf.com1
http://liueus.com1
http://microsinfos.com
http://microschats.com
http://microca11.com
http://192.64.119.93
http://us10web.us
http://107.180.119.82
http://ww-live.com
http://mslivemeet.com1
http://us03webuoom.us
http://ms-meet.xyz12
http://198.54.116.40
http://198.54.117.242
http://teamslivs.com
http://microi.click
http://83.136.208.87
http://callshere.com
http://2.57.91.62
http://os-live.us
http://teams-meet.xyz
http://199.188.200.43
http://ue04web.us
http://66.29.132.149
http://68.65.123.163
http://web-zoom.uk
http://uso4web.us
http://web22n.us
http://83.136.210.29
http://microb.click
http://teemslive.com
http://198.54.115.108
192.64.119.5
198.54.115.166
83.136.208.87
192.64.119.40
184.94.213.200
68.65.123.178
66.29.153.158
83.136.210.87
83.136.210.29
162.213.255.41
68.65.121.250
198.54.116.166
132.148.217.168
198.187.29.26
198.54.116.40
172.86.91.195
192.64.119.88
192.64.119.167
107.180.119.82
66.29.141.6
192.64.119.29
162.255.119.153
188.227.197.32
162.255.119.19
68.65.121.244
68.65.123.75
162.255.119.204
162.0.215.196
68.65.122.242
192.64.119.93
198.54.115.40
2.57.91.62
67.223.118.116
198.54.120.79
68.65.122.191
162.255.119.35
66.29.141.223
68.65.121.187
68.65.123.193
68.65.121.248
68.65.123.50
162.255.119.184
148.72.73.98
162.255.119.223
198.54.115.108
162.255.119.45
84.32.84.32
67.223.118.42
162.255.119.134
68.65.123.168
141.136.43.165
64.187.97.203
192.64.119.249
68.65.123.114
162.255.119.192
192.64.119.22
199.188.205.45
198.54.117.242
23.254.167.21
199.188.200.43
198.54.114.236
69.57.162.186
91.195.240.123
68.65.123.163
198.54.116.214
66.29.132.149
192.64.119.220
162.255.119.95
69.57.162.193
192.64.119.144
66.29.153.159
84.32.84.157
68.65.123.117
http://ue02web.us
http://172.86.91.195
http://68.65.123.114
http://microc.click
http://us06websoom.us
http://us0lwebzoom.us
http://un01web.us
http://usa04webzoom.us
http://148.72.73.98
http://use05webzoom.us
http://69.57.162.186
http://onreallive.com
http://ue01web.us
http://162.255.119.45
http://188.227.197.32
http://usweb0b.us
http://uc01web.us
http://reallivecall.us1
http://ms-teams.live
http://uswe05.us
http://livesmeets.us1
http://84.32.84.157
http://uc05websoom.us
http://192.64.119.249
http://162.255.119.184
http://198.54.116.166
http://198.187.29.26
http://198.54.115.40
http://microcoll.com1
http://liuesus.com
http://microshlop.com
http://microscalls.com1
http://live-meet.online2
http://nicrosolt.com1
http://uc02web.us
http://68.65.123.178
http://microshen.com1
http://teamsiiwe.com
http://ms-teams.xyz
http://microsall.com1
http://68.65.121.248
http://livescall.us
http://192.64.119.29
http://us05websoom.us
http://livesmeet.us1
http://os-live.online
http://uz04web.us
http://usobweb.us
http://microsomeet.com
http://microsmeet.com
http://68.65.121.187
http://liues.us
http://132.148.217.168
http://uz06web.us
http://uco5webzoom.us
http://162.255.119.35
http://dencall.xyz
http://198.54.116.214
http://162.255.119.192
http://162.255.119.95
http://84.32.84.32
http://oneasu.com
http://uso06webzoom.us
http://livehuddle01.us
http://teemsliivc.com
http://mslivecall.us
http://192.64.119.22
http://ms-meets.us.com
http://184.94.213.200
http://microcal1.com
http://162.213.255.41
http://microe.click
http://192.64.119.144
http://linelive.us
http://68.65.123.50
http://68.65.122.242
http://66.29.153.159
http://162.255.119.134
http://ms-teams.us.com
http://microsslcheck.com
http://premuims.live
http://uk05live.us
http://microselt.com1
http://ux01web.us
http://198.54.114.236
http://uc02websoom.us
http://ww-live.online
http://onlivecall.com
http://199.188.205.45
http://uc06web.us
http://web05us.online
http://198.54.115.166
http://teams-us.live
http://micrlive.online
http://us05webxoom.us
http://ux03web.us
http://192.64.119.5
http://uz01web.us
http://micrusoft.us
http://nicrosofm.com
http://uco6webzoom.us
http://68.65.123.168
http://msteamcall.com
http://liue.us
http://us05web.site
http://ucweb05.us
http://uz03web.us
http://micromeet.us
http://os-live.xyz
http://lievec.com
http://liivoe.com
http://inmsed.com
http://68.65.121.250
http://teamsliveo.com
http://annaelsa.xyz
http://uc04web.us
http://ms-meets.xyz
http://23.254.167.21
http://162.0.215.196
http://66.29.153.158
http://91.195.240.123
http://microsdb.com1
http://teamslivc.com
http://68.65.122.191
http://micstmeet.com
http://ww-live.us
http://162.255.119.153
http://msmeet.us
http://ms-meeting.us
http://micror.click
http://microcall.us
http://olafsven.xyz
http://teamsliwe.com
http://us05webszoom.us
http://onlivemeet.com1
http://mslivecall.com
http://192.64.119.88
http://teamslivex.com
http://nisrosodf.com1
http://www-live.us
http://192.64.119.220
http://uc03web.us
http://usa06webzoom.us
http://141.136.43.165
http://msquickcall.com1
http://ms-live.team
http://ue03web.us
http://68.65.123.75
http://67.223.118.42
http://69.57.162.193
http://66.29.141.6
http://162.255.119.204
http://68.65.121.244
http://uae04webzoom.us
http://ms-live.site12
http://us03live.com
http://64.187.97.203
http://microg.click
http://uo05web.us
http://192.64.119.40
http://uswebob.us
http://renaworkshard.xyz
http://onmsed.com
http://teemslivo.com
http://us03websoom.us
http://os-live.com2
http://66.29.141.223
http://68.65.123.193
http://ueo4webzoom.us
http://teamsync.live
http://microscell.com2
http://162.255.119.19
http://microcodf.com
http://162.255.119.223
http://microsall.com
http://uso04webzoom.us
http://teamslivos.com
http://67.223.118.116
http://us07web.me
http://68.65.123.117
http://192.64.119.167
http://usweb0l.us
http://ww-live.xyz
http://198.54.120.79
http://livescall.xyz
http://microszlt.com
http://ux02web.us
http://join-uk.com
http://web-meet.live
http://uso05webzoom.us
http://microp.click
http://uco4webzoom.us
http://www-live.xyz
http://ue06web.us
http://83.136.210.87
http://outms.com
http://uo01web.us
http://us02websoom.us
http://microh.click
http://microt.click
http://microsout.com
http://nicrosolf.com1
http://liueus.com1
http://microsinfos.com
http://microschats.com
http://microca11.com
http://192.64.119.93
http://us10web.us
http://107.180.119.82
http://ww-live.com
http://mslivemeet.com1
http://us03webuoom.us
http://ms-meet.xyz12
http://198.54.116.40
http://198.54.117.242
http://teamslivs.com
http://microi.click
http://83.136.208.87
http://callshere.com
http://2.57.91.62
http://os-live.us
http://teams-meet.xyz
http://199.188.200.43
http://ue04web.us
http://66.29.132.149
http://68.65.123.163
http://web-zoom.uk
http://uso4web.us
http://web22n.us
http://83.136.210.29
http://microb.click
http://teemslive.com
http://198.54.115.108
192.64.119.5
198.54.115.166
83.136.208.87
192.64.119.40
184.94.213.200
68.65.123.178
66.29.153.158
83.136.210.87
83.136.210.29
162.213.255.41
68.65.121.250
198.54.116.166
132.148.217.168
198.187.29.26
198.54.116.40
172.86.91.195
192.64.119.88
192.64.119.167
107.180.119.82
66.29.141.6
192.64.119.29
162.255.119.153
188.227.197.32
162.255.119.19
68.65.121.244
68.65.123.75
162.255.119.204
162.0.215.196
68.65.122.242
192.64.119.93
198.54.115.40
2.57.91.62
67.223.118.116
198.54.120.79
68.65.122.191
162.255.119.35
66.29.141.223
68.65.121.187
68.65.123.193
68.65.121.248
68.65.123.50
162.255.119.184
148.72.73.98
162.255.119.223
198.54.115.108
162.255.119.45
84.32.84.32
67.223.118.42
162.255.119.134
68.65.123.168
141.136.43.165
64.187.97.203
192.64.119.249
68.65.123.114
162.255.119.192
192.64.119.22
199.188.205.45
198.54.117.242
23.254.167.21
199.188.200.43
198.54.114.236
69.57.162.186
91.195.240.123
68.65.123.163
198.54.116.214
66.29.132.149
192.64.119.220
162.255.119.95
69.57.162.193
192.64.119.144
66.29.153.159
84.32.84.157
68.65.123.117