🎭 North Korean UNC1069 Targets Crypto Sector via Fake VC Meetings North Korean...

🎭 North Korean UNC1069 Targets Crypto Sector via Fake VC Meetings North Korean threat actor UNC1069, overlapping with Bluenoroff, is conducting social engineering campaigns against cryptocurrency and Web3 professionals. Attackers create fabricated venture capital firms like "WallEye Capital" and use compromised LinkedIn/Telegram accounts to arrange meetings. Victims are redirected to fake conferencing platforms hosting ClickFix payloads that deploy customized RATs—CageyChameleon for Windows, NukeSped for macOS, and Cabbage RAT for Linux—designed to exfiltrate crypto wallets and system data. The campaign demonstrates advanced cross-platform capability and infrastructure mimicry, according to Google Cloud and Mandiant. 🛰️ Open sources - closed narratives @sitreports