Collecting Cyber-News from over 60 sources

Tag: korea

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

Feb 10, 2026 7:13 PM

Tags: email, identity, korea, linkedin, technology

The information technology (IT) workers associated with the Democratic People’s Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they’re impersonating, marking a new escalation of the fraudulent scheme.”These profiles often have verified workplace emails and identity badges, which DPRK operatives hope will make their fraudulent First seen…
International sting dismantles illegal streaming empire serving millions

Feb 5, 2026 1:24 PM

Tags: international, korea

Actions by authorities from Italy, Romania, Spain, the United Kingdom, Canada, Kosovo and South Korea, supported by Eurojust and Europol, led to the seizure of multiple … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/05/eurojust-illegal-streaming-services-seizure/
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware

Feb 3, 2026 11:13 AM

Tags: apt, attack, cyber, email, group, hacker, korea, malware, north-korea, phishing, spear-phishing, threat

In March 2025, the Ricochet Chollima APT group, widely recognized as APT37 and linked to North Korean state-sponsored operations, launched a targeted spear-phishing campaign against activists focused on North Korean affairs. The threat actors initiated the attack chain via spear-phishing emails impersonating a North Korea-focused security expert based in South Korea. The emails referenced legitimate…
Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets

Feb 3, 2026 5:13 AM

Tags: crypto, korea, north-korea, tactics

The post Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/
Long-running North Korea threat group splits into 3 distinct operations

Jan 29, 2026 1:23 PM

Tags: crypto, espionage, group, korea, lazarus, north-korea, theft, threat

The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-labyrinth-chollima-splits-crowdstrike/
Lazarus Hackers Target European Drone Manufacturers in Active Campaign

Jan 26, 2026 4:21 PM

Tags: attack, cyber, cyberespionage, defense, group, hacker, hacking, korea, lazarus, north-korea

The North Korean state-sponsored Lazarus hacking group has launched a sophisticated cyberespionage campaign targeting European defense contractors involved in uncrewed aerial vehicle (UAV) manufacturing. The attacks appear directly linked to North Korea’s efforts to accelerate its domestic drone production capabilities through industrial espionage. The targeted organizations include a metal engineering firm, an aircraft component manufacturer,…
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

Jan 26, 2026 11:21 AM

Tags: ai, backdoor, blockchain, hacker, india, intelligence, korea, malware, north-korea, phishing, powershell, russia, threat, tool, ukraine

The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector.The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary’s expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check…
The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code

Jan 26, 2026 5:21 AM

Tags: backdoor, korea, north-korea

The post The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/the-developers-backdoor-north-korea-weaponizes-visual-studio-code/
Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems

Jan 23, 2026 4:34 PM

Tags: attack, cyber, exploit, finance, korea, malware, social-engineering, threat, windows

A sophisticated three-stage malware attack campaign against Windows users in South Korea using specially crafted LNK (shortcut) files. The attack begins with a deceptive LNK file named >>ì‹¤ì „ íŠ¸ë ˆì´ë, © í•µì‹¬ ë¹„ë²•ì„œ.pdf.lnk<>Practical Trading Core Secret Book<<), specifically crafted to target South Korean investors seeking financial guidance. This social engineering approach exploits users' trust […] The…
Cryptohack Roundup: South Korea Busts $102M Laundering Ring

Jan 22, 2026 6:46 PM

Tags: exploit, finance, flaw, fraud, korea, software

Also: $7 Million Saga and $5 Million Makina Finance Exploits. This week, South Korea dismantled a million money laundering ring, Saga paused SagaEVM after a $7 million exploit, Makina Finance lost $5 million, a Utah man sentenced to three years for fraud and illegal cash conversion and a software flaw let traders win Ethereum transaction…
Cryptohack Roundup: South Korea Busts $102M Laundering Ring

Jan 22, 2026 6:46 PM

Tags: exploit, finance, flaw, fraud, korea, software

Also: $7 Million Saga and $5 Million Makina Finance Exploits. This week, South Korea dismantled a million money laundering ring, Saga paused SagaEVM after a $7 million exploit, Makina Finance lost $5 million, a Utah man sentenced to three years for fraud and illegal cash conversion and a software flaw let traders win Ethereum transaction…
DPRK Actors Deploy VS Code Tunnels for Remote Hacking

Jan 22, 2026 4:30 PM

Tags: hacking, infrastructure, korea, microsoft, phishing, spear-phishing

A spear-phishing campaign tied to the Democratic People’s Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/dprk-vs-code-tunnels-remote-hacking
Germany and Israel Pledge Cybersecurity Alliance

Jan 21, 2026 12:13 AM

Tags: china, cyberattack, cybersecurity, defense, germany, iran, korea, north-korea, russia

Berlin Readies Legislation Authorizing More Aggressive Stance in Cyberspace. Germany wants to drastically step up defenses against cyberattacks from foes such as Russia, China, Iran and North Korea, and it’s looking to key ally Israel for lessons and cooperation. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/germany-israel-pledge-cybersecurity-alliance-a-30568
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

Jan 20, 2026 8:29 PM

Tags: backdoor, hacker, korea, malicious, microsoft, north-korea, threat

The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints.The latest finding demonstrates continued evolution of the new tactic that was first discovered in December 2025, Jamf Threat Labs said.”This activity involved…
More than 40 countries impacted by North Korea IT worker scams, crypto thefts

Jan 13, 2026 11:02 PM

Tags: crypto, cyber, korea, north-korea, scam, theft

Eleven countries led a session at the UN headquarters in New York centered around a 140-page report released last fall that covered North Korea’s extensive cyber-focused efforts to fund its nuclear and ballistic weapons program. First seen on therecord.media Jump to article: therecord.media/40-countries-impacted-nk-it-thefts-united-nations
Suspected ransomware attack threatens one of South Korea’s largest companies

Jan 13, 2026 5:02 PM

Tags: attack, cyber, group, korea, ransomware

Kyowon Group, a conglomerate owned by one of South Korea’s richest people, is the latest company there to report suspicious cyber activity to authorities. First seen on therecord.media Jump to article: therecord.media/kyowon-group-south-korea-suspected-ransomware-attack
FBI Warns of North Korean QR Phishing Campaigns

Jan 9, 2026 12:01 PM

Tags: apt, group, korea, north-korea, phishing, qr, spear-phishing

The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/
FBI Warns of North Korean QR Phishing Campaigns

Jan 9, 2026 12:01 PM

Tags: apt, group, korea, north-korea, phishing, qr, spear-phishing

The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/
Breached E-Commerce Giant Details $1B ‘Customer Trust’ Plan

Jan 5, 2026 6:52 PM

Tags: breach, data, data-breach, korea

Critics of South Korea’s Coupang Dismiss Offer as Marketing More Than Compensation. After suffering a data breach that exposed personal data for two-thirds of South Korea’ population, online retailer Coupang promised to distribute $1.2 billion in vouchers to restore customer trust. But critics have accused the move of being more about marketing than true compensation.…
Top 10 Cybersecurity Predictions for 2026

Jan 1, 2026 10:52 AM

Tags: access, ai, api, application-security, attack, authentication, automation, awareness, backdoor, backup, best-practice, blockchain, breach, business, ceo, china, ciso, cloud, communications, compliance, computer, computing, conference, control, corporate, crypto, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, deep-fake, defense, detection, disinformation, email, encryption, espionage, exploit, extortion, finance, fraud, governance, government, group, hacker, hacking, healthcare, identity, incident response, infrastructure, intelligence, Internet, iran, korea, law, linkedin, LLM, malicious, malware, mfa, military, monitoring, msp, mssp, network, nist, north-korea, organized, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, russia, scam, service, skills, soc, social-engineering, software, strategy, supply-chain, tactics, technology, theft, threat, tool, training, ukraine, update, vulnerability, vulnerability-management, warfare, windows, zero-day

Top 10 Cybersecurity Predictions for 2026 The year AI changes cybersecurity forever Cybersecurity predictions are an opportunity to look forward instead of back, to be proactive instead of reactive, and to consider how changes in attackers, technology, and the security industry will impact the sustainability of managing cyber risks. Gaining future insights to the threats, targets,…
South Korean firm hit with US investor lawsuit over data breach disclosure failures

Dec 23, 2025 2:19 PM

Tags: access, authentication, breach, china, communications, compliance, conference, country, credentials, cybersecurity, data, data-breach, encryption, finance, incident response, korea, law, risk, technology, unauthorized

Authentication keys left unrevoked after employee departure: Investigators traced the breach to a former employee who retained valid authentication credentials after leaving the company in 2024, according to statements by South Korean lawmaker Choi Min-hee. The individual, a 43-year-old Chinese national, had worked on authentication management systems and joined Coupang in November 2022.Rep. Choi Min-hee,…
South Korea to require facial recognition for new mobile numbers

Dec 22, 2025 7:19 PM

Tags: korea, mobile, phone, scam

South Korea will begin requiring facial recognition when signing up for a new mobile phone number in a bid to fight scams, the Ministry of Science and ICT announced. First seen on therecord.media Jump to article: therecord.media/south-korea-facial-recognition-phones
There’s so much stolen data in the world, South Korea will require face scans to buy a SIM

Dec 22, 2025 6:19 AM

Tags: breach, data, infosec, korea

SK Telecom’s epic infosec faill will cost it another $1.5 billion First seen on theregister.com Jump to article: www.theregister.com/2025/12/22/south_korea_facial_verification/
10 Major Cyberattacks And Data Breaches In 2025

Dec 19, 2025 8:19 PM

Tags: breach, china, cyberattack, data, korea, north-korea, ransomware, theft

Among the major cyberattacks and data breaches in 2025 were nation-state infiltration by China and North Korea, as well as massive data theft and ransomware attacks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/10-major-cyberattacks-and-data-breaches-in-2025
Amazon Warns Perncious Fake North Korea IT Worker Threat Has Become Widespread

Dec 19, 2025 7:19 PM

Tags: cloud, cybersecurity, korea, north-korea, service, threat

Amazon is warning organizations that a North Korean effort to impersonate IT workers is more extensive than many cybersecurity teams may realize after discovering the cloud service provider was also victimized. A North Korean imposter was uncovered working as a remote systems administrator in the U.S. after their keystroke input lag raised suspicions. Normally, keystroke..…
A Good Year for North Korean Cybercriminals

Dec 19, 2025 3:19 PM

Tags: attack, cybercrime, korea, north-korea, strategy

North Korea shifted its strategy to patiently target bigger fish for larger payouts, using sophisticated methods to execute attacks at opportune times. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/good-year-north-korean-cybercriminals
Over $3.4 billion in crypto stolen throughout 2025, with North Korea again the top culprit

Dec 18, 2025 8:19 PM

Tags: breach, crypto, korea, north-korea

Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers. First seen on therecord.media Jump to article: therecord.media/over-3-billion-crypto-stolen-2025-north-korea
Over $3.4 billion in crypto stolen throughout 2025, with North Korea again the top culprit

Dec 18, 2025 8:19 PM

Tags: breach, crypto, korea, north-korea

Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers. First seen on therecord.media Jump to article: therecord.media/over-3-billion-crypto-stolen-2025-north-korea
Lazarus Group Embed New BeaverTail Variant in Developer Tools

Dec 18, 2025 8:19 PM

Tags: credentials, crypto, group, jobs, korea, lazarus, north-korea, tool

North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts. First seen on hackread.com Jump to article: hackread.com/lazarus-embed-beavertail-variant-developer-tools/
Crypto Theft in 2025 Concentrated in Fewer, Larger Breaches

Dec 18, 2025 8:19 PM

Tags: access, attack, breach, crypto, data, hacker, korea, north-korea, risk, theft

Chainalysis Data Shows Access-Driven Attacks Reshaping Risk. Hackers stole more than $3.4 billion in crypto this year. Losses were driven by a small number of high-impact breaches. Chainalysis data shows how North Korea actors, centralized platforms and expanding retail adoption reshaped where crypto risk accumulated. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/crypto-theft-in-2025-concentrated-in-fewer-larger-breaches-a-30331