Sentinel Labs has reported the discovery of a new virus launched by the North Korean hacking group BlueNoroff. The new virus, named Hidden Risk, is actively being used to target cryptocurrency users.
According to Sentinel Labs, the virus spreads through emails containing fake news about cryptocurrency trends. The emails include PDF attachments, and when an attachment is opened, a file containing the virus is downloaded onto the victim’s computer.
Hidden Risk provides hackers with various capabilities, including the theft of personal information, private keys for cryptocurrency wallets, and passwords for platforms. The virus also allows remote access to the victim’s computer.
This is not the first time BlueNoroff has used PDFs to target cryptocurrency users. In May 2023, it was reported that the North Korean hackers launched the RustBucket campaign, which involved using a modified PDF viewer program to inject malicious code.