{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifk4sq6zo5bpqw5idfyanop4mv5smzhznceedrfultsue4hxzw6c4",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mkrhkwrswx22"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidtrxfdc7v7l7zzkf2q6kkilx4n4memkhuvrcxpc5lp7jflmxhz6i"
    },
    "mimeType": "image/webp",
    "size": 70066
  },
  "path": "/bluenoroff-uses-fake-zoom-meetings-and-fileless-powershell-to-target-crypto-firms/",
  "publishedAt": "2026-04-30T17:22:02.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "BlueNoroff uses fake Zoom meetings and fileless PowerShell to target crypto firms",
    "VPN Central"
  ],
  "textContent": "BlueNoroff, a financially motivated subgroup of North Korea’s Lazarus Group, has been linked to a new campaign targeting cryptocurrency and Web3 professionals through fake Zoom meetings. The campaign uses manipulated Calendly invites, typo-squatted Zoom links, fake meeting pages, ClickFix clipboard tricks, and fileless PowerShell malware to compromise Windows systems. Arctic Wolf says one observed attack […]\n\nThe post BlueNoroff uses fake Zoom meetings and fileless PowerShell to target crypto firms appeared first on VPN Central.",
  "title": "BlueNoroff uses fake Zoom meetings and fileless PowerShell to target crypto firms"
}