Tag: korea
-
Biggest Crypto Hack in History Hackers Stolen $1.46 Billion Worth Crypto From Bybit
In what has become the largest cryptocurrency theft in history, hackers infiltrated Bybit’s Ethereum cold wallet on February 21, 2025, siphoning approximately 401,346 ETH valued at $1.46 billion. The breach, attributed to North Korea’s Lazarus Group, exploited vulnerabilities in Bybit’s multisignature wallet interface, redirecting funds through a sophisticated smart contract manipulation. While Bybit assured users…
-
Investigators Link $1.4B Bybit Hack to North Korea’s Lazarus Group
Investigators link the $1.4B Bybit hack to North Korea’s Lazarus Group, exposing a major crypto heist tied to state-backed cybercrime and money laundering. First seen on hackread.com Jump to article: hackread.com/investigators-link-bybit-hack-north-korea-lazarus-group/
-
North Korea’s Lazarus Group Hacks Bybit, Steals $1.5 Billion in Crypto
North Korea’s notorious Lazarus Group reportedly stole $1.5 billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market’s history. It came the same day Coinbase executives said the SEC was dropping its investigation of their company. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/north-koreas-lazarus-group-hacks-bybit-steals-1-5-billion-in-crypto/
-
Hackers pose as employers to steal crypto, login credentials
Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/20/deceptivedevelopment-fake-job-offers/
-
South Korea Keeps DeepSeek AI Chatbot Off App Stores
Regulators Cite Privacy Concerns Over DeepSeek’s Data Collection Practices. The Personal Information Protection Commission, South Korea’s data protection regulator, has directed Chinese artificial intelligence company DeepSeek AI to withdraw its chatbot application from official app stores pending an inquiry into the chatbot’s compliance with data protection rules. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/south-korea-keeps-deepseek-ai-chatbot-off-app-stores-a-27560
-
South Korea alleges DeepSeek of user data sharing with ByteDance
First seen on scworld.com Jump to article: www.scworld.com/brief/south-korea-alleges-deepseek-of-user-data-sharing-with-bytedance
-
North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea
The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-koreans-kimsuky-attacks-rivals-trusted-platforms
-
North Korea Stealing Cryptocurrency With JavaScript Implant
‘Marstech1’ Malware Targets Developers Through GitHub Respository. New North Korean malware is targeting cryptowallets with an unconventional command-and-control infrastructure and through malware embedded into a GitHub repository that’s apparently the account of a Pyongyang hacker. The implant appears to have emerged late last December. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-stealing-cryptocurrency-javascript-implant-a-27547
-
South Korea Suspends Downloads of AI Chatbot DeepSeek
South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/south-korea-suspends-deepseek/
-
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations.Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal Information Protection Commission (PIPC) said in a statement. The…
-
Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns
DeepSeek has temporarily paused downloads of its chatbot apps in South Korea while it works with local authorities to address privacy concerns. The post Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/downloads-of-deepseeks-ai-apps-paused-in-south-korea-over-privacy-concerns/
-
North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage
Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate global First seen on securityonline.info Jump to article: securityonline.info/north-koreas-it-worker-scam-how-the-regime-infiltrates-global-tech-firms-for-cyber-espionage/
-
N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea
A phishing attack dubbed DEEP#DRIVE is targeting South Korean entities, with thousands already affected. North Korean hackers from… First seen on hackread.com Jump to article: hackread.com/n-korean-hackers-deep-drive-attacks-against-s-korea/
-
Lazarus Group Targets Developers Worldwide with New Malware Tactic
Tags: crypto, cyber, cybercrime, group, korea, lazarus, malware, north-korea, software, supply-chain, tacticsNorth Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users. Dubbed Operation Marstech Mayhem, this operation leverages the group’s latest implant, >>Marstech1,
-
North Korean IT Workers Penetrate Global Firms to Install System Backdoors
In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global companies, posing as remote workers to introduce system backdoors and exfiltrate sensitive data. These activities, which generate critical revenue for the heavily sanctioned regime, also pose significant risks to corporate security and international stability. Fraudulent Hiring North Korea has capitalized on…
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerabilityThe attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
Tags: attack, business, crypto, cyberattack, government, group, hacking, korea, north-korea, powershell, threatA nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors.The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail,…
-
US woman faces years in federal prison for running laptop farm for N Korean IT workers
Christian Marie Chapman, of Litchfield Park, Arizona, helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-woman-years-federal-prison-laptop-farm-n-korean-it-workers
-
North Korea targets crypto developers via NPM supply chain attack
Yet another cash grab from Kim’s cronies and an intel update from Microsoft First seen on theregister.com Jump to article: www.theregister.com/2025/02/13/north_korea_npm_crypto/
-
Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited
Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary ARM-based architecture, revealing significant vulnerabilities in the kernel hardening mechanisms of modern macOS systems. KASLR…
-
North Korea Targets Crypto Devs Through NPM Packages
SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-crypto-devs-npm/
-
Warning: Cybercrime Services Underpin National Security Risk
Tags: china, cybercrime, cybersecurity, google, hacking, iran, korea, north-korea, ransomware, risk, russia, serviceRussia, China, Iran and North Korea Tapping Cybercrime Services, Google Says. The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as an accelerant for state-sponsored hacking, collectively posing an increasing risk to Western national security, cybersecurity researchers warn. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/warning-cybercrime-services-underpin-national-security-risk-a-27502
-
North Korea-linked APT Emerald Sleet is using a new tactic
Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell. Microsoft Threat Intelligence researchers spotted North Korea-linked threat actor Emerald Sleet (also known as Kimsuky and VELVET CHOLLIMA) using a new tactic. They are tricking targets into running PowerShell as an administrator and executing code provided…
-
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them.”To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds…
-
Cyber crime meshes with cyber warfare as states enlist gangs
A report from the Google Threat Intelligence Group depicts China, Russia, Iran and North Korea as a bloc using cyber criminal gangs to attack the national security of western countries First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619194/Google-Cyber-crime-meshes-with-cyber-warfare-as-states-enlist-gangs
-
I’m a security expert, and I almost fell for a North Korea-style deepfake job applicant “¦Twice
Remote position, webcam not working, then glitchy AI face … Red alert! First seen on theregister.com Jump to article: www.theregister.com/2025/02/11/it_worker_scam/
-
DeepSeek Accused of Over-Collecting Personal Data, Says South Korea’s Spy Agency
South Korea’s National Intelligence Service (NIS) has raised alarms over the Chinese artificial intelligence app, DeepSeek, accusing it of >>excessively
-
Security Researchers Warn of New Risks in DeepSeek AI App
Weak Encryption, Data Transfers to China, Hidden ByteDance Links Found. Security researchers found DeepSeek AI has weak encryption, SQL injection flaws and sends user data to Chinese state-linked entities. Its AI model failed jailbreak tests, making it prone to manipulation. Regulators in Europe, South Korea, and Australia are investigating, with bans and warnings issued over…
-
Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer
Tags: apt, attack, control, group, intelligence, kaspersky, korea, north-korea, phishing, spear-phishingResearchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. The group works under the control…