According to TechFlow, on November 28, Microsoft security researcher James Elliott released a latest research report at the Cyberwarcon conference in Washington, D.C., saying that North Korean hacker groups have successfully infiltrated "hundreds" of global organizations by disguising themselves as venture capitalists, recruiters, and remote IT workers, and have stolen billions of dollars in cryptocurrency over the past decade to fund their nuclear weapons programs.
The report details the activities of two major hacker groups: a group code-named "Ruby Sleet" targeted aerospace and defense companies to steal secrets; a group code-named "Sapphire Sleet" posed as recruiters and venture capitalists and stole more than $10 million in cryptocurrency in six months. These hackers used virtual meeting failures as an excuse to trick victims into downloading malware disguised as a repair tool.