Tag: korea
-
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
Tags: blockchain, crypto, google, group, hacker, hacking, intelligence, korea, malware, north-korea, theft, threatA threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method.The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster…
-
Hackers Use Blockchain to Hide Malware in Plain Sight
Tags: attack, blockchain, google, group, hacker, hacking, intelligence, korea, malware, north-korea, threatState, Criminal Hackers Use Blockchain Technique to Evade Takedowns. Google’s Threat Intelligence Group found hacking groups like North Korea’s UNC5342 and criminal group UNC5142 using a public blockchain technique called EtherHiding to distribute malware. The method makes attacks tougher to trace, block or dismantle. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-use-blockchain-to-hide-malware-in-plain-sight-a-29741
-
BeaverTail and OtterCookie evolve with a new Javascript module
Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK). First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/beavertail-and-ottercookie/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
Bybit Theft Drives Record-Breaking $2bn Haul for North Korea
North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bybit-recordbreaking-2bn-north/
-
Bybit Theft Drives Record-Breaking $2bn Haul for North Korea
North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bybit-recordbreaking-2bn-north/
-
North Korea IT worker scheme swells beyond US companies
Okta Threat Intelligence uncovered a large-scale and sustained operation, reflecting the North Korean regime’s pursuit of any opportunity that allows for remote employment. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-it-worker-global-scheme-okta/
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3.That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windowsLast week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
North Korea Fake Job Recruiters Up Their Backdoor Game
Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat Actor. A gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-fake-job-recruiters-up-their-backdoor-game-a-29586
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
North Korea’s Lazarus Group shares its malware with IT work scammers
Keeping Pyongyang’s coffers full First seen on theregister.com Jump to article: www.theregister.com/2025/09/25/lazarus_group_shares_malware_with_it_scammers/
-
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/north-korea-fake-profiles-crypto-theft/
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor.Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor.Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…
-
South Korea probes credit card company data breach affecting 3 million customers
A major South Korean lender that processes roughly 10% of the nation’s credit card spending started notifying some customers that they need to reissue cards. First seen on therecord.media Jump to article: therecord.media/south-korea-probes-credit-card-data-breach
-
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground for international conflict. Russia is leveraging cyber-attacks to alleviate economic pressure from international sanctions and to enhance its war-fighting capabilities, targeting key industries in major countries around the globe. In November…
-
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret.”The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles,” GitLab…
-
South Korea Personal Information Privacy Act
What is the Data Privacy Act (DPA)? The Philippines Data Privacy Act of 2012 (Republic Act No. 10173), commonly referred to as the DPA, is the country’s primary data protection law. Enacted in August 2012, the Act was designed to safeguard the fundamental right to privacy of every Filipino while ensuring the free flow of……
-
North Korean Group Targets South With Military ID Deepfakes
The North Korea-linked group Kimsuky used ChatGPT to create deepfakes of military ID documents in an attempt to compromise South Korean targets. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korean-group-south-military-id-deepfakes
-
North Korean Hackers Weaponize ChatGPT in AI-Driven Phishing Attack
North Korea’s Kimsuky hackers used ChatGPT to forge government IDs in a phishing attack, marking a new era of AI-powered cyber warfare. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-weaponize-chatgpt-in-ai-driven-phishing-attack/
-
North Korea’s Kimsuky Group Uses AI-Generated Military IDs in New Attack
North Korea’s Kimsuky hackers use AI-generated fake military IDs in a new phishing campaign, GSC warns, marking a… First seen on hackread.com Jump to article: hackread.com/north-korea-kimsuky-group-ai-generated-military-ids/
-
Pro-Russian Hackers Target Critical Industries Across the Globe
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has emerged as a central battleground for international conflict. Russia is increasingly using cyber-attacks as a strategic tool to alleviate economic pressure from international sanctions and to bolster its war capabilities. This shift has led to…