Tag: korea
-
Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal se… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/kimsuky-using-translatext-chrome.html
-
Sellafield local authority slammed over response to North Korean ransomware attack
The local authority for Europe’s biggest nuclear site has been slammed by auditors for its response to a North Korea-linked cyber attack that temporar… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366586858/Sellafield-local-authority-slammed-over-response-to-North-Korean-ransomware-attack
-
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
Tags: attack, china, data, encryption, government, hacker, infrastructure, korea, north-korea, ransomware, threatThreat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critica… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/chinese-and-n-korean-hackers-target.html
-
Parliamentarians warn of UK election threat from Russia, China and North Korea
Joint parliamentary security committee chair Margaret Beckett writes to prime minister urging government to prepare for foreign states interfering wit… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366586177/Parliamentarians-warn-of-UK-election-threat-from-Russia-China-and-North-Korea
-
North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics
Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country’s emergence … First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/north-korean-hackers-target-brazilian.html
-
North Korea’s Moonstone Sleet Widens Distribution of Malicious Code
First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-koreas-moonstone-sleet-widens-distribution-of-malicious-code-packages
-
Let’s Unroll Some Questions About Russia’s Role In North Korea’s Rocket Program
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35986/Lets-Unroll-Some-Questions-About-Russias-Role-In-North-Koreas-Rocket-Program.html
-
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting edu… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/andariel-hackers-target-south-korean.html
-
‘Moonstone Sleet’ APT Melds Espionage, Financial Goals
North Korea’s newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime’s tricks, too. It also developed a whole v… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-moonlight-sleet-apt-melds-espionage-financial-goals
-
North Korea Building Cash Reserves Using Ransomware, Video Games
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35934/North-Korea-Building-Cash-Reserves-Using-Ransomware-Video-Games.html
-
Hackers Weaponizing MS Office-Cracked Versions to Deliver Malware
Attackers in South Korea are distributing malware disguised as cracked software, including RATs and crypto miners, and registering themselves with the… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-weaponizing-ms-office-malware/
-
RedTail Cryptomining Malware Exploits PAN-OS Vulnerability
Threat Actors Mirror the Tactics of North Korea’s Lazarus Group. Cryptomining malware that might be North Korean in origin is targeting edge devices, … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/redtail-cryptomining-malware-exploits-pan-os-vulnerability-a-25371
-
North Korea’s ‘Moonstone Sleet’ targets victims with malicious tools
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/north-koreas-moonstone-sleet-targets-victims-with-malicious-tools
-
RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign
Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network’s PAN… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/redtail-malware-abuses-palo-alto-flaw-in-latest-cryptomining-campaign/
-
Microsoft Warns of North Korea’s ‘Moonstone Sleet’
Pyongyang Threat Actor Is After Money and Information. A North Korean hacking group wants to make money for the cash-starved Pyongyang regime and cond… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/microsoft-warns-north-koreas-moonstone-sleet-a-25344
-
DoJ Shakes Up North Korea’s Widespread IT Freelance Scam Operation
Fraudsters based in the US and Europe indicted for helping North Korea’s nation-state groups establish fake freelancer identities and evade sanctions…. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/doj-targets-north-koreas-widespread-it-freelance-scam-operation
-
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been ob… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html
-
Feds Bust N. Korean Identity Theft Ring Targeting US Firms
North Korea targeted US companies with stolen identities in a cybercrime scheme. The Justice Department cracks down, seizes websites, and disrupts rev… First seen on hackread.com Jump to article: www.hackread.com/feds-bust-n-korean-identity-theft-ring-us-firms/
-
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec… First seen on securityaffairs.com Jump to article: securityaffairs.com/163364/apt/kimsuky-new-linux-backdoor.html
-
North Korea-linked IT workers infiltrated hundreds of US firms
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Ju… First seen on securityaffairs.com Jump to article: securityaffairs.com/163349/intelligence/north-korea-linked-it-workers-infiltrated-us-firms.html
-
North Korea-linked Kimsuky APT attack targets victims via Messenger
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genius Securi… First seen on securityaffairs.com Jump to article: securityaffairs.com/163265/apt/north-korea-kimsuky-apt-uses-messenger.html
-
North Korea IT Worker Scam Brings Malware and Funds Nukes
WTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans. The post K IT WFH: Justice Department say… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/dprk-remote-it-jobs-richixbw/
-
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea
The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanize… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kimsuky-hackers-deploy-new-linux-backdoor-in-attacks-on-south-korea/
-
Five charged for cyber schemes to benefit North Korea’s weapons program
‹The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-charged-for-cyber-schemes-to-benefit-north-koreas-weapons-program/
-
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishi… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-spoofing-journalist/
-
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html
-
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conforman… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
-
Cryptohack Roundup: Geosyn Fraud Lawsuit
Also: North Korea Money Laundering and South Korean Crypto Police. This week, SEC filed suit against Geosyn, prosecutors fought dismissed Tornado Cash… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-geosyn-fraud-lawsuit-a-24999