Cryptocurrency users and influencers are the targets of the Marko Polo cybercrime group

Through cryptocurrency- and gaming-themed scams, a cybercrime group known as Marko Polo has infected “tens of thousands of devices” globally, according to research released on Tuesday.

According to Recorded Future’s Insikt Group, the group mostly targets cryptocurrency influencers, online gaming personalities, and technology professionals. These individuals are considered “high-value targets” because they stand to suffer large financial losses if they fall for the scams. (The Record is an editorially independent unit of Recorded Future.)

Members of the group often approach potential victims on social media while posing as recruiters or human resources staff. According to the researchers, they lure targets with fake job offers and direct them to malicious websites, where the victims are tricked into downloading malware.

The researchers describe Marko Polo as a financially motivated “traffic team”: a disciplined group that redirects victims’ web traffic to malicious content operated by other threat actors. The group’s managers and operators are probably located in post-Soviet states, and its members speak English, Russian, and Ukrainian as their first languages.

Insikt Group identified more than 20 trojanized builds of the Zoom meeting client and more than 30 other social media scams linked to Marko Polo. The Atomic macOS Stealer (AMOS) is distributed through spearphishing on social media in which the operators pose as participants in a scheduled Zoom call. The malicious Zoom installers are named ZoomInstall.dmg and ZoomSetup.dmg, which look like legitimate installer names, but they are served from domains associated with Marko Polo rather than from Zoom itself.
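The lure above works because the file name looks right while the origin is wrong. The following detection logic, added here as an example and not part of the original article or of Recorded Future’s research, scans proxy download logs for installer names that impersonate a vendor but were fetched from a host outside that vendor’s domain. The log format, the sample lines, and the attacker hostnames (all under the reserved `.example` TLD) are constructed for this example; treating `zoom.us` as Zoom’s legitimate domain is an assumption you would adjust per environment, and the registrable-domain helper is a two-label simplification of what a Public Suffix List lookup would do.

```python
import re
from urllib.parse import urlparse

# Installer names worth watching, keyed by regex, with the set of registrable
# domains that may legitimately serve them. The Zoom names follow the
# ZoomInstall.dmg / ZoomSetup.dmg lures described above; the allowlist
# (zoom.us) is an assumption of this example, not a statement from the research.
WATCHED_INSTALLERS = {
    r"^zoom(install|installer|setup)\.(dmg|pkg|exe|msi)$": {"zoom.us"},
}


def registrable_domain(host):
    """Crude 'last two labels' approximation of the registrable domain.

    This defeats lookalikes such as zoom.us.<attacker>.example, where the
    brand appears as a subdomain. A production version should consult the
    Public Suffix List so that e.g. example.co.uk is handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_download(url):
    """Return 'legit', 'suspicious', or None when the file is not a watched installer."""
    parsed = urlparse(url)
    filename = parsed.path.rsplit("/", 1)[-1]
    for pattern, allowed_domains in WATCHED_INSTALLERS.items():
        if re.match(pattern, filename, re.IGNORECASE):
            if registrable_domain(parsed.hostname or "") in allowed_domains:
                return "legit"
            return "suspicious"
    return None


# Hypothetical proxy log format: timestamp user method url status
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<user>\S+) (?P<method>GET|POST) (?P<url>\S+) (?P<status>\d{3})$")


def flag_downloads(log_lines):
    """Return (user, url) pairs for watched installers fetched from a non-vendor host."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than crash the sweep
        if classify_download(m["url"]) == "suspicious":
            hits.append((m["user"], m["url"]))
    return hits


# Constructed sample log lines; the .example hosts are not real attacker infrastructure.
SAMPLE_LOG = [
    "2024-09-17T10:01:02Z alice GET https://cdn.zoom.us/prod/5.17.0/ZoomInstaller.dmg 200",
    "2024-09-17T10:05:44Z bob GET https://zoom-meeting-invite.example/dl/ZoomInstall.dmg 200",
    "2024-09-17T10:06:10Z bob GET https://zoom-meeting-invite.example/dl/favicon.ico 200",
    "2024-09-17T10:09:31Z carol GET https://zoom.us.setup-download.example/ZoomSetup.dmg 200",
    "2024-09-17T10:11:00Z dave GET https://zoom.us/client/latest/ZoomSetup.exe 200",
]

if __name__ == "__main__":
    for user, url in flag_downloads(SAMPLE_LOG):
        print(f"SUSPICIOUS installer download by {user}: {url}")
```

Running it flags bob and carol: both fetched a Zoom-named DMG from a host whose registrable domain is not `zoom.us`, and carol’s case shows why the brand must be matched on the registrable domain rather than anywhere in the hostname. On a macOS endpoint the flagged file should additionally be checked with `codesign --verify` and `spctl --assess`, which this offline log sweep does not attempt.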

According to Insikt Group, the group also distributes cracked versions of proprietary software and tampers with files shared over the BitTorrent protocol.

In its schemes the group poses as representatives of blockchain projects, online games, productivity software, and virtual meeting tools. Apart from Atomic macOS Stealer, it also delivers other malware families, including HijackLoader, Stealc, and Rhadamanthys.

PartyWorld is a scam that mimics popular games such as Fortnite and Party Icon and is promoted through social media. When a user visits the PartyWorld website, they are prompted to download a game client for Windows or macOS, which instead installs an infostealer.

Another scam, called Nortex, presents itself as a combined social network, productivity tool, and messaging service, mimicking the real Web3 messaging project SendingMe. Nortex provides none of these functions; once installed, it infects victims with Stealc and HijackLoader.

According to Insikt Group, Marko Polo’s campaigns have probably exposed victims’ personal and corporate data and brought in millions of dollars in illicit income. The researchers also found reports from victims claiming that their life savings had been stolen by Marko Polo operators.

The group regularly renames and rebrands its scams, updates its hosting infrastructure, and changes its tactics to avoid detection, according to the research, which also highlighted how quickly the group reacts to takedown and detection efforts.

“This adaptability not only makes Marko Polo a persistent threat but also signals that it will likely continue evolving its methods to stay ahead of cybersecurity defenses,” the researchers said.
