Tag: korea
-
Security Affairs newsletter Round 504 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Pro-Russia group NoName targeted the websites of Italian airports North Korea actors use OtterCookie malware in Contagious Interview…
-
North Korea actors use OtterCookie malware in Contagious Interview campaign
North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers. The Contagious Interview campaign was first detailed by Palo Alto Networks…
-
South Korea sanctions 15 North Koreans for IT worker scams, financial hacking schemes
The individuals are allegedly working for North Korea’s 313th General Bureau, under the DPRK’s Ministry of Munitions Industry. First seen on cyberscoop.com Jump to article: cyberscoop.com/south-korea-sanctions-north-koreans-it-worker-scams/
-
Cryptohack Roundup: FBI Fingers TraderTraitor for $308M Hack
Also: Bitfinex Hacker Lichtenstein’s Social Media Post From Prison. This week’s stories include updates on hackers in the DMM Bitcoin and Bitfnex cases, South Korea sanctioning North Korean hackers, Trump naming an exec director for Digital Assets Council, Craig Wright’s prison sentence and the Interpol’s red notice for Hex founder. First seen on govinfosecurity.com Jump…
-
FBI attributes largest crypto hack of 2024 to North Korea’s TraderTraitor
The biggest crypto heist of 2024 was conducted by seasoned cybercriminals working on behalf of North Korea’s government, according to the FBI.]]> First seen on therecord.media Jump to article: therecord.media/fbi-largest-crypto-hack-2024-tradertraitor
-
DMM Bitcoin $308M Bitcoin heist linked to North Korea
Japanese and U.S. authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. Japanese and U.S. authorities linked the $308 million cyber heist targeting cryptocurrency company DMM Bitcoin to North Korea-linked threat actors. On June 1st, the Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9 Bitcoin (BTC),…
-
FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024
The FBI said the target was tricked into downloading a malicious Python script under the guise of a pre-employment test hosted on GitHub. The post FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fbi-blames-north-korea-for-308m-cryptocurrency-hack-as-losses-surge-in-2024/
-
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-japan-north-korea-crypto-heist/
-
North Korean Hackers Tied to $1.3B in Stolen Crypto in 2024
Researchers Trace 61% of Known Losses This Year to Pyongyang-Backed Hackers. Hackers tied to North Korea’s cash-strapped totalitarian dictatorship this year stole a record amount of cryptocurrency, totaling $1.34 billion across 47 incidents, or about double their known haul for 2023, reported blockchain analytics firm Chainalysis. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korean-hackers-tied-to-13b-in-stolen-crypto-in-2024-a-27129
-
Lazarus APT targeted employees at an unnamed nuclear-related organization
North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked Lazarus Group targeting at least two employees associated with the same nuclear-related organization over the course of one month. The experts believe the attacks are part the cyber espionage campaign Operation Dream Job (aka NukeSped),…
-
North Korean Hackers Stolen $2.2 Billion from Crypto Platforms in 2024
North Korean hackers are estimated to have stolen a staggering $2.2 billion in 2024, up 21% from 2023. With advanced tactics and increasing sophistication, the Democratic People’s Republic of Korea (DPRK) has positioned itself as a dominant force in crypto theft, targeting both decentralized finance (DeFi) platforms and centralized exchanges to fund its state-sponsored programs.…
-
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, updateCheck out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
-
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024.The attacks, which culminated in the deployment of a new modular backdoor…
-
North Korea-linked hackers accounted for 61% of all crypto stolen in 2024
Alongside the rising adoption and value of crypto assets, theft is also on the rise. This year, the total value of cryptocurrency stolen surged 21%, reaching a substantial $2.2 billion. And according to a Chainalysis report released on Thursday, more than half of this amount was stolen by North Korea-affiliated hacking groups. Earlier this year,…
-
From Taiwan to Korea: TIDRONE Threat Actor Targets ERP Software
The AhnLab Security Intelligence Center (ASEC) has uncovered a series of cyberattacks on Korean companies orchestrated by the TIDRONE threat actor. Known for its focus on Taiwanese defense and drone... First seen on securityonline.info Jump to article: securityonline.info/from-taiwan-to-korea-tidrone-threat-actor-targets-erp-software/
-
MITRE ATTCK Evals Pit Vendors Against Ransomware, North Korea
First seen on scworld.com Jump to article: www.scworld.com/news/mitre-attck-evals-pit-vendors-against-ransomware-north-korea
-
North Korea’s fake IT worker scam hauled in at least $88M over six years
DoJ thinks it’s found the folks that ran it, and some of the ‘IT warriors’ sent out to fleece employers First seen on theregister.com Jump to article: www.theregister.com/2024/12/13/doj_dpkr_fake_tech_worker_indictment/
-
DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years
The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People’s Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft by illegally seeking employment in U.S. companies and non-profit organizations.”The conspirators, who worked…
-
US Uncovers North Korean IT Worker Fraud, Offers $5M Bounty
The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-it-worker-fraud/
-
US Offers $5M for Info on North Korean IT Worker Fraud
The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-it-worker-fraud/
-
$5 Million Reward Offered After Indictment of North Korean Cyber Operatives
A federal court in St. Louis, Missouri, has indicted 14 nationals of the Democratic People’s Republic of Korea (DPRK) for a series of long-running conspiracies involving sanctions violations, wire fraud,... First seen on securityonline.info Jump to article: securityonline.info/5-million-reward-offered-after-indictment-of-north-korean-cyber-operatives/
-
North Korea’s fake IT worker scam hauled in at least $88 million over six years
DoJ thinks it’s found the folks that ran it, and some of the ‘IT warriors’ sent out to fleece employers First seen on theregister.com Jump to article: www.theregister.com/2024/12/13/doj_dpkr_fake_tech_worker_indictment/
-
Fake IT Workers Funneled Millions to North Korea, DOJ Says
The fake IT worker scheme netted $88 million over six years, transferred through U.S. and Chinese financial systems to the DPRK government. The post Fake IT Workers Funneled Millions to North Korea, DOJ Says appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fake-it-workers-funneled-millions-to-north-korea-doj-says/
-
North Korean hackers behind $50 million crypto heist of Radiant Capital
Researchers attributed the attack on the cryptocurrency platform to a group housed within North Korea’s Reconnaissance General Bureau (RGB).]]> First seen on therecord.media Jump to article: therecord.media/radiant-capital-heist-north-korea
-
Korean Firm Sold Satellite Receivers With DDoS Feature
Firm Allegedly Embedded DDoS at the Request of a Foreign Client. A South Korean company exported 240,000 satellite receivers with distributed denial-of-service attack capabilities, leading to the arrest of its CEO by the Korean National Police Agency. The company and its employees face criminal prosecution for allegedly violating South Korea’s cybersecurity laws. First seen on…
-
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
Tags: attack, credentials, cybersecurity, email, hacker, korea, north-korea, phishing, russia, service, theft, threatThe North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft.”Phishing emails were sent mainly through email services in Japan and Korea until early September,” South Korean cybersecurity company Genians said. “Then, from…
-
Korea arrests CEO for adding DDoS feature to satellite receivers
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/korea-arrests-ceo-for-adding-ddos-feature-to-satellite-receivers/
-
Prototype UEFI Bootkit is South Korean University Project; LogoFAIL Exploit Discovered
The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program. The post Prototype UEFI Bootkit is South Korean University Project; LogoFAIL Exploit Discovered appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/prototype-uefi-bootkit-is-south-korean-university-project-logofail-exploit-discovered/