Bluenoroff Bypasses MoTW to Target Japanese Organizations

Threat Level – Red | Vulnerability Report
Download PDF

Bluenoroff is known for targeting financial institutions and government organizations and has been active since at least 2014. From September onwards Bluenoroff threat actors added a new feature, that bypasses the Mark of the Web (MotW) security feature in Microsoft Windows, specifically targeting Japanese organizations. MotW is a security feature that helps prevent malicious web pages from being loaded into Internet Explorer or other web browsers.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox