BlueNoroff Targets Cryptocurrency Executives with AI-Enhanced Fake Zoom Attacks
ID: e252d51d-eb4c-5414-9c50-b1dddbd7e9e8
STIX ID: report--e252d51d-eb4c-5414-9c50-b1dddbd7e9e8
Feed Name: ThreatCluster
**Executive summary:** North Korea-linked BlueNoroff is conducting a sophisticated campaign against cryptocurrency executives, using Calendly lures to route victims to fake Zoom calls. On those calls, AI-generated avatars and stolen video are used to capture live webcam feeds and deploy fileless PowerShell malware. The campaign has compromised over 100 individuals across 20+ countries since January 2026 and maintained access for up to 66 days.
