Tag: korea
-
Korean Firm Sold Satellite Receivers With DDoS Feature
Firm Allegedly Embedded DDoS at the Request of a Foreign Client. A South Korean company exported 240,000 satellite receivers with distributed denial-of-service attack capabilities, leading to the arrest of its CEO by the Korean National Police Agency. The company and its employees face criminal prosecution for allegedly violating South Korea’s cybersecurity laws. First seen on…
-
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
Tags: attack, credentials, cybersecurity, email, hacker, korea, north-korea, phishing, russia, service, theft, threat
The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. “Phishing emails were sent mainly through email services in Japan and Korea until early September,” South Korean cybersecurity company Genians said. “Then, from…
-
Korea arrests CEO for adding DDoS feature to satellite receivers
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/korea-arrests-ceo-for-adding-ddos-feature-to-satellite-receivers/
-
Prototype UEFI Bootkit is South Korean University Project; LogoFAIL Exploit Discovered
The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korean university program. The post Prototype UEFI Bootkit is South Korean University Project; LogoFAIL Exploit Discovered appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/prototype-uefi-bootkit-is-south-korean-university-project-logofail-exploit-discovered/
-
Appeals court tosses sanctions on Tornado cash crypto mixer
The mixer was sanctioned after a North Korean hacking group used the software to launder more than $455 million. First seen on cyberscoop.com Jump to article: cyberscoop.com/tornado-cash-sanctions-overturned-lazarus-group/
-
A US soldier is suspected of being behind the massive Snowflake data leak
One of the hackers who masterminded the Snowflake credential leak that led to the threat actors stealing data from and extorting at least 165 companies, including 560 million Ticketmaster and 110 AT&T customers, could be a US soldier, according to cybersecurity journalist Brian Krebs. The hacker, known for using the moniker Kiberphant0m, carried out online chats…
-
North Korean and Chinese Threat Actors Target Crypto, Aerospace, and Government Agencies
Tags: china, crypto, cyber, government, intelligence, korea, microsoft, north-korea, tactics, threat
At CYBERWARCON 2024, Microsoft Threat Intelligence unveiled groundbreaking research on two major nation-state cyber actors: North Korea and China. These revelations provide a closer look at their tactics, techniques, and... First seen on securityonline.info Jump to article: securityonline.info/north-korean-and-chinese-threat-actors-target-crypto-aerospace-and-government-agencies/
-
As North Korean troops march toward Ukraine, does a Russian quid pro quo reach space?
The budding partnership between Russia and North Korea may now be blossoming into space. First seen on arstechnica.com Jump to article: arstechnica.com/space/2024/11/in-exchange-for-troops-in-ukraine-russian-aid-to-north-korea-may-extend-to-space/
-
North Korea Deploying Fake IT Workers in China, Russia, Other Countries
The North Korean fake IT workers have infiltrated businesses in China, Russia, and other countries aside from the US. The post North Korea Deploying Fake IT Workers in China, Russia, Other Countries appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/north-korea-deploying-fake-it-workers-in-china-russia-other-countries/
-
North Korea’s Cyber Evolution and China’s Storm-2077 Unveiled by Microsoft Analysts
Tags: attack, china, cyber, cybersecurity, intelligence, korea, microsoft, north-korea, strategy, tactics, threat
Microsoft Threat Intelligence analysts have shared new insights into North Korean and Chinese threat actors. At the recent CYBERWARCON, cybersecurity analysts shared details on the rise of attacks, the evolution of threat actor tactics, and the strategies employed by various state-backed groups. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-insights-on-chinese-threat-actor/
-
Fake Identities, Real Profits: Exposing North Korea’s IT Front Companies
SentinelLabs has exposed a sophisticated network of front companies linked to North Korean IT workers. These entities, operating under the guise of legitimate businesses, were recently disrupted by U.S. law... First seen on securityonline.info Jump to article: securityonline.info/fake-identities-real-profits-exposing-north-koreas-it-front-companies/
-
North Korean IT Workers Using Fake Sites to Evade Detection
Researchers Find Deep Ties to North Korea Among Fake IT Services Firms' Websites. North Korean state actors are using fake websites of foreign technology services firms to sidestep sanctions and raise funding for the Kim Jong-un regime’s weapons development programs. SentinelLabs found many of these sites shared similar infrastructure, owners and locations. First seen on govinfosecurity.com Jump…
-
US Cyber Force Surges Global Operations Amid Rising Threats
US Cyber Command Says National Mission Force was Deployed Over 85 Times in 2024. A secretive U.S. military unit has surged its support to partner nations across the globe in 2024 while combatting escalating threats from foreign adversaries like China and North Korea, a top official from Cyber Command told the Cyberwarcon summit on Friday.…
-
Cryptohack Roundup: No Prison Time for FTX’s Gary Wang
Also: Bitfinex Launderer Razzlekhan Gets 18-Month Sentence. This week, sentences in FTX, Bitfinex and Helix cases, a $25.5M Thala hack, the WazirX hack and South Korea probed UpBit. U.S. lawmakers want a crackdown on Tornado. U.S. Prosecutors may scale back crypto cases. BIT Mining fined $10M and the Chinese Communist Party expelled a key blockchain…
-
North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs
Threat actors with ties to the Democratic People’s Republic of Korea (DPRK) are impersonating U.S.-based software and technology consulting businesses in order to further their financial objectives as part of a broader information technology (IT) worker scheme. “Front companies, often based in China, Russia, Southeast Asia, and Africa, play a key role in masking the workers’…
-
Russian Phobos ransomware operator faces cybercrime charges
Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges. According to the DoJ, the…
-
‘Phobos’ Ransomware Cybercriminal Extradited From South Korea
According to the unsealed criminal charges, the operation is believed to have been running for nearly four years. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/phobos-ransomware-cybercriminal-extradited-south-korea
-
Russian Phobos Ransomware Operator Extradited to US
Evgenii Ptitsyn was extradited from South Korea to the US to face charges for his alleged involvement in administering the Phobos ransomware. The post Russian Phobos Ransomware Operator Extradited to US appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/russian-phobos-ransomware-operator-extradited-to-us/
-
Phobos Ransomware Admin as Part of International Hacking Operation
The U.S. Department of Justice unsealed criminal charges today against Evgenii Ptitsyn, a 42-year-old Russian national accused of being a key figure in the notorious Phobos ransomware syndicate. Ptitsyn was extradited from South Korea and made his initial appearance in the U.S. District Court for the District of Maryland on November 4. Phobos ransomware has been…
-
Accused Phobos Ransomware Hacker in US Custody
Russian National Evgenii Ptitsyn Faces a 13 Criminal Count Indictment. A Russian national accused of working for a ransomware gang made his first appearance in federal court earlier this month after extradition from South Korea, the U.S. Department of Justice disclosed Monday. Evgenii Ptitsyn, 42, faces a 13 criminal count indictment. First seen on govinfosecurity.com…
-
US charges Phobos ransomware admin after South Korea extradition
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-charges-phobos-ransomware-admin-after-south-korea-extradition/
-
North Korea’s Lazarus observed testing new macOS trojan in the wild
First seen on scworld.com Jump to article: www.scworld.com/news/north-koreans-lazarus-observed-testing-new-macos-trojan-in-the-wild
-
South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers
Meta has been fined 21.62 billion won ($15.67 million) by South Korea’s data privacy watchdog for illegally collecting sensitive personal information … First seen on thehackernews.com Jump to article: thehackernews.com/2024/11/south-korea-fines-meta-1567m-for.html
-
Cryptohack Roundup: FTX Files Lawsuits to Recover Funds
Also: Arrests in $232M Scam, Guilty Plea in $73M Pig-Butchering Case. This week, FTX sued to recover money, FTX’s Caroline Ellison began her prison sentence, South Korea arrested hundreds in $232M scam, a guilty plea in a $73M pig-butchering case, BlueNoroff launched a new attack campaign, GodFather malware and WonderFi CEO kidnapped and released after…
-
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including First seen…
-
South Korea Fines Meta About 15 Million Over Collection Of User Data
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36560/South-Korea-Fines-Meta-About-15-Million-Over-Collection-Of-User-Data.html

