Tag: korea
-
Let’s Unroll Some Questions About Russia’s Role In North Korea’s Rocket Program
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35986/Lets-Unroll-Some-Questions-About-Russias-Role-In-North-Koreas-Rocket-Program.html
-
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting edu… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/andariel-hackers-target-south-korean.html
-
‘Moonstone Sleet’ APT Melds Espionage, Financial Goals
North Korea’s newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime’s tricks, too. It also developed a whole v… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-moonlight-sleet-apt-melds-espionage-financial-goals
-
North Korea Building Cash Reserves Using Ransomware, Video Games
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35934/North-Korea-Building-Cash-Reserves-Using-Ransomware-Video-Games.html
-
Hackers Weaponizing MS Office-Cracked Versions to Deliver Malware
Attackers in South Korea are distributing malware disguised as cracked software, including RATs and crypto miners, and registering themselves with the… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-weaponizing-ms-office-malware/
-
RedTail Cryptomining Malware Exploits PAN-OS Vulnerability
Threat Actors Mirror the Tactics of North Korea’s Lazarus Group. Cryptomining malware that might be North Korean in origin is targeting edge devices, … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/redtail-cryptomining-malware-exploits-pan-os-vulnerability-a-25371
-
North Korea’s ‘Moonstone Sleet’ targets victims with malicious tools
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/north-koreas-moonstone-sleet-targets-victims-with-malicious-tools
-
RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign
Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network’s PAN… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/redtail-malware-abuses-palo-alto-flaw-in-latest-cryptomining-campaign/
-
Microsoft Warns of North Korea’s ‘Moonstone Sleet’
Pyongyang Threat Actor Is After Money and Information. A North Korean hacking group wants to make money for the cash-starved Pyongyang regime and cond… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/microsoft-warns-north-koreas-moonstone-sleet-a-25344
-
DoJ Shakes Up North Korea’s Widespread IT Freelance Scam Operation
Fraudsters based in the US and Europe indicted for helping North Korea’s nation-state groups establish fake freelancer identities and evade sanctions…. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/doj-targets-north-koreas-widespread-it-freelance-scam-operation
-
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been ob… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html
-
Feds Bust N. Korean Identity Theft Ring Targeting US Firms
North Korea targeted US companies with stolen identities in a cybercrime scheme. The Justice Department cracks down, seizes websites, and disrupts rev… First seen on hackread.com Jump to article: www.hackread.com/feds-bust-n-korean-identity-theft-ring-us-firms/
-
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec… First seen on securityaffairs.com Jump to article: securityaffairs.com/163364/apt/kimsuky-new-linux-backdoor.html
-
North Korea-linked IT workers infiltrated hundreds of US firms
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Ju… First seen on securityaffairs.com Jump to article: securityaffairs.com/163349/intelligence/north-korea-linked-it-workers-infiltrated-us-firms.html
-
North Korea-linked Kimsuky APT attack targets victims via Messenger
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genius Securi… First seen on securityaffairs.com Jump to article: securityaffairs.com/163265/apt/north-korea-kimsuky-apt-uses-messenger.html
-
North Korea IT Worker Scam Brings Malware and Funds Nukes
WTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans. The post K IT WFH: Justice Department say… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/dprk-remote-it-jobs-richixbw/
-
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea
The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanize… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kimsuky-hackers-deploy-new-linux-backdoor-in-attacks-on-south-korea/
-
Five charged for cyber schemes to benefit North Korea’s weapons program
‹The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-charged-for-cyber-schemes-to-benefit-north-koreas-weapons-program/
-
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishi… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-spoofing-journalist/
-
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html
-
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conforman… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
-
Cryptohack Roundup: Geosyn Fraud Lawsuit
Also: North Korea Money Laundering and South Korean Crypto Police. This week, SEC filed suit against Geosyn, prosecutors fought dismissed Tornado Cash… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-geosyn-fraud-lawsuit-a-24999
-
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html
-
North Korea APT Triumvirate Spied on South Korean Defense Industry For Years
Lazarus, Kimsuky, and Andariel all got in on the action, stealing important data from firms responsible for defending their southern neighbors (from t… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korea-apt-triumvirate-spied-on-south-korean-defense-industry-for-years
-
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction… First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html
-
North Korea-linked APT groups target South Korean defense contractors
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities. The National Police Age… First seen on securityaffairs.com Jump to article: securityaffairs.com/162193/apt/north-korea-south-korean-defense-contractors.html
-
DPRK hacking groups breach South Korean defense contractors
The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to stea… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dprk-hacking-groups-breach-south-korean-defense-contractors/
-
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners. The post Korea-linke… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-hijack-antivirus-updates-for-malware-delivery/