Tag: korea
-
DeepSeek’s ByteDance Data-Sharing Raises Fresh Security Concerns
Confirmation by South Korea’s data protection agency that the AI chatbot sent data to TikTok’s Chinese parent company has spurred a ban in that nation, and is again calling into question DeepSeek’s safety. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/deepseek-bytedance-data-sharing-security-concerns
-
North Korea’s Lazarus hackers behind $1.4 billion crypto theft from Bybit, researchers say
Cybersecurity researchers say North Korean hackers are behind the largest cryptocurrency heist in history and are actively laundering the more than $1.4 billion in cryptocurrency stolen from the Bybit exchange on Friday. First seen on therecord.media Jump to article: therecord.media/lazarus-hackers-behind-bybit-crypto-heist
-
China Using AI-Powered Surveillance Tools, Says OpenAI
Report Also Flags Threats Linked to North Korea, Iran. Chinese influence operations are using artificial intelligence to carry out surveillance and disinformation campaigns, OpenAI said in its latest threat report. The report details two major Chinese campaigns that misused AI tools, including OpenAI’s own models, to advance state-backed agendas. First seen on govinfosecurity.com Jump to…
-
Industrial Organizations Under Siege: Chinese Hackers Wield Advanced FatalRAT Malware
A recent investigation by Kaspersky ICS CERT has uncovered a sophisticated cyberattack targeting industrial organizations across the Asia-Pacific region, particularly those in Taiwan, Malaysia, China, Japan, Thailand, South Korea, Singapore, the Philippines, Vietnam, and Hong Kong. The attackers are using a highly advanced version of the FatalRAT malware, delivered through a complex multi-stage payload framework…
-
Researchers accuse North Korea of $1.4 billion Bybit crypto heist
North Korea is behind the massive crypto hack, according to several blockchain monitoring firms and a well-known researcher. First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/24/researchers-accuse-north-korea-of-1-4-billion-bybit-crypto-heist/
-
North Korean hackers linked to $1.5 billion ByBit crypto heist
Over the weekend, blockchain security companies and experts have linked North Korea’s Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange Bybit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-15-billion-bybit-crypto-heist/
-
Biggest Crypto Hack in History Hackers Stolen $1.46 Billion Worth Crypto From Bybit
In what has become the largest cryptocurrency theft in history, hackers infiltrated Bybit’s Ethereum cold wallet on February 21, 2025, siphoning approximately 401,346 ETH valued at $1.46 billion. The breach, attributed to North Korea’s Lazarus Group, exploited vulnerabilities in Bybit’s multisignature wallet interface, redirecting funds through a sophisticated smart contract manipulation. While Bybit assured users…
-
Investigators Link $1.4B Bybit Hack to North Korea’s Lazarus Group
Investigators link the $1.4B Bybit hack to North Korea’s Lazarus Group, exposing a major crypto heist tied to state-backed cybercrime and money laundering. First seen on hackread.com Jump to article: hackread.com/investigators-link-bybit-hack-north-korea-lazarus-group/
-
North Korea’s Lazarus Group Hacks Bybit, Steals $1.5 Billion in Crypto
North Korea’s notorious Lazarus Group reportedly stole $1.5 billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market’s history. It came the same day Coinbase executives said the SEC was dropping its investigation of their company. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/north-koreas-lazarus-group-hacks-bybit-steals-1-5-billion-in-crypto/
-
Hackers pose as employers to steal crypto, login credentials
Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/20/deceptivedevelopment-fake-job-offers/
-
South Korea Keeps DeepSeek AI Chatbot Off App Stores
Regulators Cite Privacy Concerns Over DeepSeek’s Data Collection Practices. The Personal Information Protection Commission, South Korea’s data protection regulator, has directed Chinese artificial intelligence company DeepSeek AI to withdraw its chatbot application from official app stores pending an inquiry into the chatbot’s compliance with data protection rules. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/south-korea-keeps-deepseek-ai-chatbot-off-app-stores-a-27560
-
South Korea alleges DeepSeek of user data sharing with ByteDance
First seen on scworld.com Jump to article: www.scworld.com/brief/south-korea-alleges-deepseek-of-user-data-sharing-with-bytedance
-
North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea
The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-koreans-kimsuky-attacks-rivals-trusted-platforms
-
North Korea Stealing Cryptocurrency With JavaScript Implant
‘Marstech1’ Malware Targets Developers Through GitHub Repository. New North Korean malware is targeting cryptowallets with an unconventional command-and-control infrastructure and through malware embedded into a GitHub repository that’s apparently the account of a Pyongyang hacker. The implant appears to have emerged late last December. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-stealing-cryptocurrency-javascript-implant-a-27547
-
South Korea Suspends Downloads of AI Chatbot DeepSeek
South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/south-korea-suspends-deepseek/
-
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal Information Protection Commission (PIPC) said in a statement. The…
-
Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns
DeepSeek has temporarily paused downloads of its chatbot apps in South Korea while it works with local authorities to address privacy concerns. The post Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/downloads-of-deepseeks-ai-apps-paused-in-south-korea-over-privacy-concerns/
-
North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage
Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate global First seen on securityonline.info Jump to article: securityonline.info/north-koreas-it-worker-scam-how-the-regime-infiltrates-global-tech-firms-for-cyber-espionage/
-
N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea
A phishing attack dubbed DEEP#DRIVE is targeting South Korean entities, with thousands already affected. North Korean hackers from… First seen on hackread.com Jump to article: hackread.com/n-korean-hackers-deep-drive-attacks-against-s-korea/
-
Lazarus Group Targets Developers Worldwide with New Malware Tactic
Tags: crypto, cyber, cybercrime, group, korea, lazarus, malware, north-korea, software, supply-chain, tactics
North Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users. Dubbed Operation Marstech Mayhem, this operation leverages the group’s latest implant, Marstech1,
-
North Korean IT Workers Penetrate Global Firms to Install System Backdoors
In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global companies, posing as remote workers to introduce system backdoors and exfiltrate sensitive data. These activities, which generate critical revenue for the heavily sanctioned regime, also pose significant risks to corporate security and international stability. Fraudulent Hiring North Korea has capitalized on…
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerability
The attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
Tags: attack, business, crypto, cyberattack, government, group, hacking, korea, north-korea, powershell, threat
A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail,…
-
US woman faces years in federal prison for running laptop farm for N Korean IT workers
Christian Marie Chapman, of Litchfield Park, Arizona, helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-woman-years-federal-prison-laptop-farm-n-korean-it-workers
-
North Korea targets crypto developers via NPM supply chain attack
Yet another cash grab from Kim’s cronies and an intel update from Microsoft. First seen on theregister.com Jump to article: www.theregister.com/2025/02/13/north_korea_npm_crypto/
-
Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited
Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary ARM-based architecture, revealing significant vulnerabilities in the kernel hardening mechanisms of modern macOS systems. KASLR…
-
North Korea Targets Crypto Devs Through NPM Packages
SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-crypto-devs-npm/
-
Warning: Cybercrime Services Underpin National Security Risk
Tags: china, cybercrime, cybersecurity, google, hacking, iran, korea, north-korea, ransomware, risk, russia, service
Russia, China, Iran and North Korea Tapping Cybercrime Services, Google Says. The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as an accelerant for state-sponsored hacking, collectively posing an increasing risk to Western national security, cybersecurity researchers warn. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/warning-cybercrime-services-underpin-national-security-risk-a-27502
-
North Korea-linked APT Emerald Sleet is using a new tactic
Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell. Microsoft Threat Intelligence researchers spotted North Korea-linked threat actor Emerald Sleet (also known as Kimsuky and VELVET CHOLLIMA) using a new tactic. They are tricking targets into running PowerShell as an administrator and executing code provided…

