{"id":2887,"date":"2025-06-25T09:44:06","date_gmt":"2025-06-25T09:44:06","guid":{"rendered":"http:\/\/opiniao-publica24-7.com\/?p=2887"},"modified":"2025-06-25T15:33:05","modified_gmt":"2025-06-25T15:33:05","slug":"canada-gambling-firm-hit-by-lazarus-hackers-via-zoom-call","status":"publish","type":"post","link":"http:\/\/opiniao-publica24-7.com\/index.php\/2025\/06\/25\/canada-gambling-firm-hit-by-lazarus-hackers-via-zoom-call\/","title":{"rendered":"Canada Gambling Firm Hit by Lazarus Hackers via Zoom Call"},"content":{"rendered":"

The post Canada Gambling Firm Hit by Lazarus Hackers via Zoom Call<\/a> appeared first on Vegas Slots Online News<\/a>.<\/p>\n

<\/div>\n

Lazarus returns<\/h2>\n

An Ottawa cyber security firm has revealed an unnamed Canadian online gambling company was recently targeted by a subsidiary of North Korea state-sponsored mega-hackers, the Lazarus Group.<\/p>\n

According to security firm Field Effect, Lazarus sub-brand BlueNoroff used \u201csocial engineering tactics to take control of a victim\u2019s computer and deploy infostealer malware\u201d via a Zoom call.\u00a0<\/p>\n

\n

Zoom audio repair tool Trojan Horse script<\/p>\n<\/blockquote>\n

BlueNoroff allegedly used a fake domain to deceive the Ottawa gambling firm during a scheduled cryptocurrency-related Zoom meeting. The hacker convinced the victim because of audio issues to run a Zoom audio repair tool which was, in fact, a malicious Trojan Horse script.\u00a0\u00a0<\/p>\n

Field Effect stated the hackers got away with \u201csensitive personal and system data, with a clear focus on cryptocurrency-related assets.\u201d<\/p>\n

Elaborate scam<\/h2>\n

A news release revealed that BlueNoroff duped an employee of the Canadian gambling firm<\/a> by impersonating trusted contacts and setting up a website that faked a Zoom support page.\u00a0<\/p>\n

The hackers used deep-fake technology to establish trust as a business contact.<\/p>\n

\n

script masquerading as a Zoom audio repair tool<\/p>\n<\/blockquote>\n

\u201cDuring the call, the victim experienced audio issues and multiple pop-up warnings. The other participant then prompted the victim to run a script masquerading as a Zoom audio repair tool,\u201d stated Field Effect.\u00a0<\/p>\n

Once downloaded, a second script kicked in, asking the Canadian employee for credentials. Field Effect said the hackers used the employee\u2019s credentials in following commands while downloading and executing \u201can infostealer and a loader for a fully featured malware implant.\u201d<\/p>\n

The breach allowed BlueNoroff to extract sensitive information from the gambling firm, including \u201cbrowser data and user keychain files.\u201d\u00a0<\/p>\n

Bigger picture<\/h2>\n

The cyber security firm attributed the hack to a wider Zoom scam campaign that emerged in March primarily focused on crypto businesses.\u00a0<\/p>\n

\u201cIt exemplifies an evolving pattern in which financially motivated threat actors continue refining their tradecraft, embedding malicious activity within legitimate business workflows and exploiting user trust as the primary attack surface,\u201d the security company stated.<\/p>\n

BlueNoroff\u2019s biggest coup came in February 2016 when its malware ruse against the Bangladesh Bank<\/a> helped the hackers process transfers from the New York Fed to overseas accounts, an online heist totaling almost $1bn.<\/div>\n

The post Canada Gambling Firm Hit by Lazarus Hackers via Zoom Call<\/a> appeared first on Vegas Slots Online News<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

The post Canada Gambling Firm Hit by Lazarus Hackers via Zoom Call appeared first on Vegas Slots Online News. Lazarus returns An Ottawa cyber security firm has revealed an unnamed Canadian online gambling company was…<\/p>\n

Continue Reading “Canada Gambling Firm Hit by Lazarus Hackers via Zoom Call”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":2844,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[14],"tags":[],"_links":{"self":[{"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/posts\/2887"}],"collection":[{"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/comments?post=2887"}],"version-history":[{"count":1,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/posts\/2887\/revisions"}],"predecessor-version":[{"id":2888,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/posts\/2887\/revisions\/2888"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/media\/2844"}],"wp:attachment":[{"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/media?parent=2887"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/categories?post=2887"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/opiniao-publica24-7.com\/index.php\/wp-json\/wp\/v2\/tags?post=2887"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}