The financially motivated BlueNoroff group was found using a new malware strain to target financial institutions in Japan. The gang has also devised a new tactic to evade Mark-of-the-Web (MotW) security measures. Kaspersky researchers discovered more than 70 domains used by BlueNoroff. These domain registrations could be traced back to earlier in 2021, and these are still active.