Last fall, Kaspersky Lab experts discovered new BlueNoroff traps for startup employees - 70 fake domains mimicking well-known venture capital funds and banks, mostly Japanese, but also American, Vietnamese and UAE ones. In addition, attackers are now experimenting with new file types to continue embedding malware into target systems. According to the attackers' scheme, the malware is contained in a .doc file, supposedly a contract from a client. If you open this file, the device is immediately infected with malware and attackers can track all daily transactions and plan to steal. The moment an employee of an infected company tries to transfer a large amount of cryptocurrency, the attackers interfere with the transaction process, change the recipient's address and raise the transfer limit, instantly draining the account. Members of the BlueNoroff cyber group are actively experimenting and testing new methods of malware delivery using previously unused file types. These include V