Tag: korea
-
Lazarus Hackers Target European Drone Manufacturers in Active Campaign
The North Korean state-sponsored Lazarus hacking group has launched a sophisticated cyberespionage campaign targeting European defense contractors involved in uncrewed aerial vehicle (UAV) manufacturing. The attacks appear directly linked to North Korea’s efforts to accelerate its domestic drone production capabilities through industrial espionage. The targeted organizations include a metal engineering firm, an aircraft component manufacturer,…
-
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
Tags: ai, backdoor, blockchain, hacker, india, intelligence, korea, malware, north-korea, phishing, powershell, russia, threat, tool, ukraineThe North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector.The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary’s expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check…
-
The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code
The post The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/the-developers-backdoor-north-korea-weaponizes-visual-studio-code/
-
Cryptohack Roundup: South Korea Busts $102M Laundering Ring
Also: $7 Million Saga and $5 Million Makina Finance Exploits. This week, South Korea dismantled a million money laundering ring, Saga paused SagaEVM after a $7 million exploit, Makina Finance lost $5 million, a Utah man sentenced to three years for fraud and illegal cash conversion and a software flaw let traders win Ethereum transaction…
-
Cryptohack Roundup: South Korea Busts $102M Laundering Ring
Also: $7 Million Saga and $5 Million Makina Finance Exploits. This week, South Korea dismantled a million money laundering ring, Saga paused SagaEVM after a $7 million exploit, Makina Finance lost $5 million, a Utah man sentenced to three years for fraud and illegal cash conversion and a software flaw let traders win Ethereum transaction…
-
DPRK Actors Deploy VS Code Tunnels for Remote Hacking
A spear-phishing campaign tied to the Democratic People’s Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/dprk-vs-code-tunnels-remote-hacking
-
Germany and Israel Pledge Cybersecurity Alliance
Berlin Readies Legislation Authorizing More Aggressive Stance in Cyberspace. Germany wants to drastically step up defenses against cyberattacks from foes such as Russia, China, Iran and North Korea, and it’s looking to key ally Israel for lessons and cooperation. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/germany-israel-pledge-cybersecurity-alliance-a-30568
-
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints.The latest finding demonstrates continued evolution of the new tactic that was first discovered in December 2025, Jamf Threat Labs said.”This activity involved…
-
More than 40 countries impacted by North Korea IT worker scams, crypto thefts
Eleven countries led a session at the UN headquarters in New York centered around a 140-page report released last fall that covered North Korea’s extensive cyber-focused efforts to fund its nuclear and ballistic weapons program. First seen on therecord.media Jump to article: therecord.media/40-countries-impacted-nk-it-thefts-united-nations
-
Suspected ransomware attack threatens one of South Korea’s largest companies
Kyowon Group, a conglomerate owned by one of South Korea’s richest people, is the latest company there to report suspicious cyber activity to authorities. First seen on therecord.media Jump to article: therecord.media/kyowon-group-south-korea-suspected-ransomware-attack
-
FBI Warns of North Korean QR Phishing Campaigns
The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/
-
FBI Warns of North Korean QR Phishing Campaigns
The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/
-
Breached E-Commerce Giant Details $1B ‘Customer Trust’ Plan
Critics of South Korea’s Coupang Dismiss Offer as Marketing More Than Compensation. After suffering a data breach that exposed personal data for two-thirds of South Korea’ population, online retailer Coupang promised to distribute $1.2 billion in vouchers to restore customer trust. But critics have accused the move of being more about marketing than true compensation.…
-
South Korea to require facial recognition for new mobile numbers
South Korea will begin requiring facial recognition when signing up for a new mobile phone number in a bid to fight scams, the Ministry of Science and ICT announced. First seen on therecord.media Jump to article: therecord.media/south-korea-facial-recognition-phones
-
There’s so much stolen data in the world, South Korea will require face scans to buy a SIM
SK Telecom’s epic infosec faill will cost it another $1.5 billion First seen on theregister.com Jump to article: www.theregister.com/2025/12/22/south_korea_facial_verification/
-
10 Major Cyberattacks And Data Breaches In 2025
Among the major cyberattacks and data breaches in 2025 were nation-state infiltration by China and North Korea, as well as massive data theft and ransomware attacks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/10-major-cyberattacks-and-data-breaches-in-2025
-
Amazon Warns Perncious Fake North Korea IT Worker Threat Has Become Widespread
Amazon is warning organizations that a North Korean effort to impersonate IT workers is more extensive than many cybersecurity teams may realize after discovering the cloud service provider was also victimized. A North Korean imposter was uncovered working as a remote systems administrator in the U.S. after their keystroke input lag raised suspicions. Normally, keystroke..…
-
A Good Year for North Korean Cybercriminals
North Korea shifted its strategy to patiently target bigger fish for larger payouts, using sophisticated methods to execute attacks at opportune times. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/good-year-north-korean-cybercriminals
-
Over $3.4 billion in crypto stolen throughout 2025, with North Korea again the top culprit
Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers. First seen on therecord.media Jump to article: therecord.media/over-3-billion-crypto-stolen-2025-north-korea
-
Over $3.4 billion in crypto stolen throughout 2025, with North Korea again the top culprit
Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers. First seen on therecord.media Jump to article: therecord.media/over-3-billion-crypto-stolen-2025-north-korea
-
Lazarus Group Embed New BeaverTail Variant in Developer Tools
North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts. First seen on hackread.com Jump to article: hackread.com/lazarus-embed-beavertail-variant-developer-tools/
-
Crypto Theft in 2025 Concentrated in Fewer, Larger Breaches
Chainalysis Data Shows Access-Driven Attacks Reshaping Risk. Hackers stole more than $3.4 billion in crypto this year. Losses were driven by a small number of high-impact breaches. Chainalysis data shows how North Korea actors, centralized platforms and expanding retail adoption reshaped where crypto risk accumulated. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/crypto-theft-in-2025-concentrated-in-fewer-larger-breaches-a-30331
-
Lazarus Group Embed New BeaverTail Variant in Developer Tools
North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts. First seen on hackread.com Jump to article: hackread.com/lazarus-embed-beavertail-variant-developer-tools/
-
North Korea Steals Over $2bn in Crypto in 2025
Chainalysis warns North Korea continues to steal billions in crypto for its weapons program First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-steals-over-2bn-crypto/
-
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People’s Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least $2.02 billion out of more than $3.4 billion stolen from January through early December.The figure represents a 51% increase year-over-year and $681 million…
-
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express).”The threat actor leveraged QR codes and notification pop-ups to lure victims into installing…
-
Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps
Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones. The ENKI WhiteHat Threat Research Team identified the latest iteration of >>DOCSWAP