Collecting Cyber-News from over 60 sources

Tag: korea

South Korea Fines Coupang $409M Over Massive Data Breach

Jun 16, 2026 8:02 PM

Tags: access, authentication, breach, control, data, data-breach, korea, privacy, unauthorized

Investigators Found Months of Unchecked Database Scraping Activity. South Korea’s privacy regulator fined Coupang a record 624.7 billion won after concluding that weak authentication controls, insider access abuse, evidence destruction and unauthorized data collection contributed to the exposure of personal information belonging to 33.7 million people. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/south-korea-fines-coupang-409m-over-massive-data-breach-a-31985
South Korea hits Coupang with record $409 million fine over data breach

Jun 12, 2026 7:04 PM

Tags: breach, data, data-breach, korea

The penalty is the largest ever issued by the commission for a personal data breach, surpassing the record 134.8 billion won ($88.8 million) fine levied against SK Telecom earlier this year. First seen on therecord.media Jump to article: therecord.media/south-korea-data-breach-record-fine-coupang
South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling

Jun 12, 2026 12:02 AM

Tags: breach, control, data, data-breach, korea

South Korea fined Coupang $409 million after regulators said weak security controls led to a massive breach affecting 37.5 million accounts. The post South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-coupang-record-fine-409m-apac-south-korea/
South Korea hits Coupang with $400M+ fine for data breach that affected millions

Jun 11, 2026 4:02 PM

Tags: breach, data, data-breach, korea

South Korean authorities issued the record-breaking fine following a data breach that affected over 30 million customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/11/south-korea-hits-coupang-with-400m-fine-for-data-breach-that-affected-millions/
Coupang hit with record $409 million data breach fine in Korea

Jun 11, 2026 4:02 PM

Tags: breach, data, data-breach, korea

The Personal Information Protection Commission (PIPC), South Korea’s data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/south-korea-hits-coupang-with-record-409-million-fine-over-data-breach/
South Korea hits Coupang with $400M+ fine for data breach that affected millions

Jun 11, 2026 4:02 PM

Tags: breach, data, data-breach, korea

South Korean authorities issued the record-breaking fine following a data breach that affected over 30 million customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/11/south-korea-hits-coupang-with-400m-fine-for-data-breach-that-affected-millions/
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success

Jun 11, 2026 5:02 AM

Tags: business, china, cybercrime, finance, group, korea, north-korea, threat

North Korea’s gross domestic product (GDP) has grown, in part because of the cybercrime gains of groups linked to the nation, which target business and financial firms. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-korean-threat-groups-asia-pacific-success
North Korea Hackers Weaponize GitHub to Target Developers

Jun 9, 2026 2:42 PM

Tags: crypto, cyber, email, finance, github, hacker, korea, malware, north-korea, phishing, technology

A sustained phishing campaign that leverages developer recruitment and code-review lures to deliver cross”‘platform malware via attacker-controlled GitHub repositories. Tracked as UNK_DeadDrop and attributed with high confidence to a North Korea”‘aligned actor, the operation targeted nearly 100 organizations across finance, cryptocurrency, education and technology by sending more than 250 tailored emails over six weeks. The…
Lazarus APT unveils fileless remote access Trojan designed to evade detection

May 26, 2026 11:00 AM

Tags: access, apt, crypto, detection, finance, group, korea, lazarus, north-korea, rat, threat

North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…
InvisibleFerret Malware Uses .pyd and .so Files to Evade Script Detection

May 25, 2026 3:00 PM

Tags: cyber, detection, group, korea, malware, north-korea, threat

A North Korea-linked threat group, Void Dokkaebi, also known as Famous Chollima, has significantly upgraded its malware delivery techniques by converting its Python-based InvisibleFerret malware into compiled binary modules. InvisibleFerret was previously deployed as readable Python scripts, making it easier for defenders to detect through static analysis and signature-based tools. The latest campaign leverages Cython,…
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

May 25, 2026 2:00 PM

Tags: attack, crypto, cybersecurity, finance, group, korea, lazarus, malware, north-korea, rat

Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain that involves two loaders tracked as DPAPILoader and RemotePELoader.”DPAPILoader decrypts and First seen…
Kimsuky Uses LNK, JSE Lures to Target Recruiters, Crypto Users, Defense Officials

May 19, 2026 12:00 PM

Tags: attack, crypto, cyber, defense, group, hacker, korea, north-korea, phishing, spear-phishing, threat

Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials. North Korea-linked threat group Kimsuky has launched at least four distinct spear-phishing campaigns in early 2026, targeting recruiters, cryptocurrency users, developers, defense personnel, and academic administrators. Despite using different themes and delivery methods, all campaigns follow a consistent attack chain:…
Can Laws Stop Deepfakes? South Korea Aims to Find Out

May 18, 2026 5:01 AM

Tags: deep-fake, election, korea, law, regulation

South Korea’s local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/can-laws-stop-deepfakes-south-korea
North Korea Hackers Abuse Git Hooks to Deploy Cross-Platform Malware

May 12, 2026 12:19 PM

Tags: attack, cyber, github, hacker, jobs, korea, malware, north-korea, social-engineering, tactics, threat

North Korean threat actors have introduced a stealthy new delivery mechanism in their ongoing “Contagious Interview” campaign, shifting tactics to abuse Git hooks for malware execution. The attack begins with a familiar social engineering lure. Victims, often developers targeted through fake job interviews, are asked to clone a GitHub repository containing a “coding assessment.” Hidden…
Cryptohack Roundup: Bitcoin Core Reveals High-Severity Flaw

May 7, 2026 7:47 PM

Tags: ceo, exploit, flaw, hacker, korea, north-korea, theft

Also: TrustedVolumes, Wasabi Protocol and Ekubo Hacks. This week, Bitcoin Core revealed a memory safety flaw, hackers exploited TrustedVolumes, Wasabi Protocol and Ekubo, Bithumb suspension paused, sentencing in U.S. theft case, prosecutors seek 20-year sentence for Delio CEO and North Korea denied that it’s a thief. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-bitcoin-core-reveals-high-severity-flaw-a-31625
Americans sentenced for running ‘laptop farms’ for North Korea

May 7, 2026 4:48 PM

Tags: korea, north-korea

Two U.S. nationals were sentenced to 18 months in prison each for operating so-called laptop farms that helped North Korean IT workers fraudulently obtain remote employment at nearly 70 American companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/americans-sentenced-for-running-laptop-farms-for-north-korea/
ScarCruft Targets Gaming Platform With Windows, Android Backdoors

May 5, 2026 4:49 PM

Tags: android, apt, attack, backdoor, china, cyber, group, korea, north-korea, supply-chain, windows

A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform. The attack, believed to have been ongoing since late 2024, weaponized both Windows and Android components of sqgame[.]net, a video game platform that hosts traditional Yanbian-themed card and board games.…
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

May 5, 2026 12:49 PM

Tags: android, attack, backdoor, espionage, group, hacking, korea, malware, north-korea, supply-chain, windows

The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have…
North Korea’s Enormous Crypto Hacks Redefine Scale and Strategy

May 3, 2026 10:50 AM

Tags: crypto, cyberattack, korea, north-korea, strategy, theft

A pair of tightly executed cyberattacks have become milestones in cryptocurrency theft in 2026 due to their sheer size. These two incidents, targeting Drift Protocol and KelpDAO, account for roughly three quarters of all recorded crypto losses through April, revealing a shift toward fewer, higher-dollar operations. Based on a report from TRM Labs, security researchers..…
ISMG Editors: North Korea’s Fake Meetings Fuel Crypto Heists

May 3, 2026 10:50 AM

Tags: ai, crypto, fraud, google, korea, north-korea

Also: Google’s $40B AI Bet, Insights From Google Next Conference. In this week’s panel, four ISMG editors discussed North Korea’s use of fake video meetings to fuel crypto fraud, Google’s $40 billion investment in Anthropic and what it signals for the AI race, and key takeaways from Google Next in Las Vegas on enterprise AI…
76% of All Crypto Stolen in 2026 Is Now in North Korea

May 3, 2026 10:50 AM

Tags: ai, breach, crypto, korea, north-korea, threat

North Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-analytics/crypto-stolen-2026-north-korea
‘Trivial’ exploit can give attackers root access to Linux kernel

May 1, 2026 5:39 AM

Tags: access, ai, attack, business, cloud, container, cve, data, exploit, flaw, github, gitlab, Hardware, incident response, iot, korea, kubernetes, linux, malware, monitoring, remote-code-execution, risk, risk-assessment, saas, sans, software, supply-chain, theft, threat, unauthorized, update, vulnerability

), which lets users easily obtain root access, there isn’t much CSOs can do, says Johannes Ullrich, dean of research at the SANS Institute, as long as they have monitoring for privilege escalation already in place.With root access, a threat actor can do anything to a system, from data theft to data erasure.”The CopyFail vulnerability…
Cryptohack Roundup: North Korea Steals Bulk of Crypto So Far

Apr 30, 2026 8:38 PM

Tags: crypto, fraud, korea, network, north-korea, scam

Also: Cartier Heir Imprisoned, Believe Founder Benjamin Pasternak Arrested. This week, North Korea hacks, Cartier heir jailed, Believe founder arrested, Cambodia scam network sanctioned. A U.S. Army soldier’s insider bet, Litecoin, sentences in laundering and romance fraud cases, France probed crypto kidnapping. Tennessee banned crypto ATMs, Kelp DAO and Alex Mashinsky. First seen on govinfosecurity.com…
ODNI to CISOs on threat assessments: You’re on your own

Apr 30, 2026 11:38 AM

Tags: access, ai, china, ciso, computer, control, credentials, cyber, cybercrime, data, defense, detection, disinformation, encryption, finance, framework, government, healthcare, identity, infrastructure, intelligence, iran, jobs, korea, metric, resilience, risk, russia, service, strategy, technology, theft, threat, tool, warfare

The bifurcated framework: Operational reporting vs. homeland focus: The report now operates on two distinct tracks that risk narrowing the threat horizon for CROs. In a departure from traditional probabilistic forecasting, the IC has transitioned toward active operational reporting. This shift prioritizes immediate success metrics, such as a significant drop in border encounters and fentanyl…
ODNI to CISOs on threat assessments: You’re on your own

Apr 30, 2026 11:38 AM

Tags: access, ai, china, ciso, computer, control, credentials, cyber, cybercrime, data, defense, detection, disinformation, encryption, finance, framework, government, healthcare, identity, infrastructure, intelligence, iran, jobs, korea, metric, resilience, risk, russia, service, strategy, technology, theft, threat, tool, warfare

The bifurcated framework: Operational reporting vs. homeland focus: The report now operates on two distinct tracks that risk narrowing the threat horizon for CROs. In a departure from traditional probabilistic forecasting, the IC has transitioned toward active operational reporting. This shift prioritizes immediate success metrics, such as a significant drop in border encounters and fentanyl…
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

Apr 29, 2026 6:39 PM

Tags: cisa, exploit, flaw, korea, microsoft, north-korea, russia, vulnerability

Russia has used one of the flaws, security experts said, while North Korea has used the other. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-microsoft-connectwise-kev-update/818817/
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

Apr 29, 2026 6:39 PM

Tags: cisa, exploit, flaw, korea, microsoft, north-korea, russia, vulnerability

Russia has used one of the flaws, security experts said, while North Korea has used the other. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-microsoft-connectwise-kev-update/818817/
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

Apr 29, 2026 6:39 PM

Tags: cisa, exploit, flaw, korea, microsoft, north-korea, russia, vulnerability

Russia has used one of the flaws, security experts said, while North Korea has used the other. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-microsoft-connectwise-kev-update/818817/
North Korea-linked actor targets Web3 execs in social-engineering campaign

Apr 28, 2026 5:39 PM

Tags: access, crypto, korea, north-korea, social-engineering

Founders and other top executives were compromised to gain access to crypto wallets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-web3-execs-social-engineering-hacker/818639/
North Korea-linked actor targets Web3 execs in social-engineering campaign

Apr 28, 2026 5:39 PM

Tags: access, crypto, korea, north-korea, social-engineering

Founders and other top executives were compromised to gain access to crypto wallets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-web3-execs-social-engineering-hacker/818639/