Tag: korea
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3.That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windowsLast week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
North Korea Fake Job Recruiters Up Their Backdoor Game
Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat Actor. A gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-fake-job-recruiters-up-their-backdoor-game-a-29586
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
North Korea’s Lazarus Group shares its malware with IT work scammers
Keeping Pyongyang’s coffers full First seen on theregister.com Jump to article: www.theregister.com/2025/09/25/lazarus_group_shares_malware_with_it_scammers/
-
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/north-korea-fake-profiles-crypto-theft/
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor.Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor.Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…
-
South Korea probes credit card company data breach affecting 3 million customers
A major South Korean lender that processes roughly 10% of the nation’s credit card spending started notifying some customers that they need to reissue cards. First seen on therecord.media Jump to article: therecord.media/south-korea-probes-credit-card-data-breach
-
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground for international conflict. Russia is leveraging cyber-attacks to alleviate economic pressure from international sanctions and to enhance its war-fighting capabilities, targeting key industries in major countries around the globe. In November…
-
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret.”The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles,” GitLab…
-
South Korea Personal Information Privacy Act
What is the Data Privacy Act (DPA)? The Philippines Data Privacy Act of 2012 (Republic Act No. 10173), commonly referred to as the DPA, is the country’s primary data protection law. Enacted in August 2012, the Act was designed to safeguard the fundamental right to privacy of every Filipino while ensuring the free flow of……
-
North Korean Group Targets South With Military ID Deepfakes
The North Korea-linked group Kimsuky used ChatGPT to create deepfakes of military ID documents in an attempt to compromise South Korean targets. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korean-group-south-military-id-deepfakes
-
North Korean Hackers Weaponize ChatGPT in AI-Driven Phishing Attack
North Korea’s Kimsuky hackers used ChatGPT to forge government IDs in a phishing attack, marking a new era of AI-powered cyber warfare. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-weaponize-chatgpt-in-ai-driven-phishing-attack/
-
North Korea’s Kimsuky Group Uses AI-Generated Military IDs in New Attack
North Korea’s Kimsuky hackers use AI-generated fake military IDs in a new phishing campaign, GSC warns, marking a… First seen on hackread.com Jump to article: hackread.com/north-korea-kimsuky-group-ai-generated-military-ids/
-
Pro-Russian Hackers Target Critical Industries Across the Globe
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has emerged as a central battleground for international conflict. Russia is increasingly using cyber-attacks as a strategic tool to alleviate economic pressure from international sanctions and to bolster its war capabilities. This shift has led to…
-
Lazarus Group Deploys Malware With ClickFix Scam in Fake Job Interviews
North Korea’s Lazarus Group uses the ClickFix scam in fake crypto job interviews to deploy malware, steal data,… First seen on hackread.com Jump to article: hackread.com/lazarus-group-malware-clickfix-scam-fake-job-interview/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean APT37 targeting South Korea Three Lazarus RATs coming for your cheese Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide Android Droppers: The Silent…
-
ICE Has Spyware Now
Plus: An AI chatbot system is linked to a widespread hack, details emerge of a US plan to plant a spy device in North Korea, your job’s security training isn’t working, and more. First seen on wired.com Jump to article: www.wired.com/story/ice-has-spyware-now/
-
Japan, South Korea Take Aim at North Korean IT Worker Scam
With the continued success of North Korea’s IT worker scams, Asia-Pacific nations are working with private firms to blunt the scheme’s effectiveness. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/japan-south-korea-north-korean-it-worker-scam
-
North Korea’s ScarCruft Targets Academics With RokRAT Malware
A new report reveals North Korea-linked ScarCruft is using RokRAT malware to target academics in a phishing campaign…. First seen on hackread.com Jump to article: hackread.com/north-korea-scarcruft-target-academics-rokrat-malware/
-
South Korea AI Act
What is the South Korea AI Act? South Korea’s Framework Act on the Development of Artificial Intelligence and Creation of a Trust Foundation, often referred to simply as the AI Framework Act or the AI Basic Act, is the country’s landmark law on artificial intelligence. It was passed by the National Assembly in December 2024,……
-
North Korea’s APT37 deploys RokRAT in new phishing campaign against academics
ScarCruft (APT37) launches Operation HanKook Phantom, a phishing campaign using RokRAT to target academics, ex-officials, and researchers. Cybersecurity firm Seqrite Labs uncovered a phishing campaign, tracked as dubbed Operation HanKook Phantom, by the North Korea-linked group APT37 (aka Ricochet Chollima, ScarCruft, Reaper, and Group123). Threat actors are using a fake “National Intelligence Research Society Newsletter…
-
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT.The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures First seen…