Tag: lazarus
-
Cryptohack Roundup: Authorities Shutter Cryptomixer
Also: Anthropic Warns of Autonomous AI Exploits on Blockchain. This week, authorities shutter Cryptomixer, Anthropic warns about autonomous AI exploits, U.K. plans ban on crypto political donations, Do Kwon seeks leniency, Lazarus Group suspected in Upbit theft, Balancer’s post-exploit plans and Yearn recovers some hacked amount. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-authorities-shutter-cryptomixer-a-30192
-
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.For the first time, researchers…
-
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.For the first time, researchers…
-
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening. First seen on therecord.media Jump to article: therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
-
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening. First seen on therecord.media Jump to article: therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
-
Rare APT Collaboration Emerges Between Russia and North Korea
Researchers say Russia’s Gamaredon and North Korea’s Lazarus may be sharing infrastructure, a rare APT collaboration. The post Rare APT Collaboration Emerges Between Russia and North Korea appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apt-collaboration-russia-north-korea/
-
Rare APT Collaboration Emerges Between Russia and North Korea
Researchers say Russia’s Gamaredon and North Korea’s Lazarus may be sharing infrastructure, a rare APT collaboration. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/news-russia-north-korea-apt-collab/
-
Russian and North Korean Hackers Forge Global Cyberattack Alliance
Tags: cyber, cyberattack, group, hacker, infrastructure, korea, lazarus, north-korea, russia, threat, warfareState-sponsored hackers from Russia and North Korea are collaborating on shared infrastructure, marking a significant shift in cyber geopolitics. Security researchers have uncovered evidence suggesting that Gamaredon, a Russia-aligned advanced persistent threat (APT) group, and Lazarus, North Korea’s primary cyber warfare unit, may be operating jointly a development with profound implications for global security. Russia…
-
North Korean Kimsuky and Lazarus Teams Target Critical Sectors with Zero-Day Exploits
Tags: apt, attack, blockchain, crypto, cyber, exploit, finance, framework, group, healthcare, infrastructure, intelligence, korea, lazarus, military, north-korea, threat, zero-dayNorth Korea’s two most formidable APT groups Kimsuky and Lazarus have established a coordinated operational framework that combines intelligence gathering with large-scale cryptocurrency theft. According to a comprehensive Trend Micro analysis, this collaboration poses an unprecedented threat to critical infrastructure worldwide, with attacks targeting the military, financial, blockchain, energy, and healthcare sectors across the United…
-
North Korean Kimsuky and Lazarus Teams Target Critical Sectors with Zero-Day Exploits
Tags: apt, attack, blockchain, crypto, cyber, exploit, finance, framework, group, healthcare, infrastructure, intelligence, korea, lazarus, military, north-korea, threat, zero-dayNorth Korea’s two most formidable APT groups Kimsuky and Lazarus have established a coordinated operational framework that combines intelligence gathering with large-scale cryptocurrency theft. According to a comprehensive Trend Micro analysis, this collaboration poses an unprecedented threat to critical infrastructure worldwide, with attacks targeting the military, financial, blockchain, energy, and healthcare sectors across the United…
-
Lazarus APT Group’s New ScoringMathTea RAT Enhances Remote Command Execution and More
The Lazarus APT Group, an advanced persistent threat (APT) attributed to North Korea, has deployed a sophisticated new Remote Access Trojan (RAT) called ScoringMathTea as part of its ongoing Operation DreamJob cyberespionage campaign. ScoringMathTea represents a significant evolution in Lazarus’s malware toolkit, implementing a modular architecture designed specifically to evade detection across both network and…
-
Lazarus APT Group’s New ScoringMathTea RAT Enhances Remote Command Execution and More
The Lazarus APT Group, an advanced persistent threat (APT) attributed to North Korea, has deployed a sophisticated new Remote Access Trojan (RAT) called ScoringMathTea as part of its ongoing Operation DreamJob cyberespionage campaign. ScoringMathTea represents a significant evolution in Lazarus’s malware toolkit, implementing a modular architecture designed specifically to evade detection across both network and…
-
Lazarus Group Deploys Weaponized Documents Against Aerospace Defense
Security researchers at ENKI have uncovered a sophisticated espionage campaign targeting aerospace and defense organizations, in which the Lazarus Group is weaponizing a new variant of the Comebacker backdoor to infiltrate high-value targets. The threat actor has been actively conducting phishing operations since at least March 2025, distributing malicious documents disguised as legitimate communications from…
-
Lazarus Group Attacks Aerospace/Defense with New ChaCha20-Encrypted Comebacker Backdoor
The post Lazarus Group Attacks Aerospace/Defense with New ChaCha20-Encrypted Comebacker Backdoor appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/lazarus-group-attacks-aerospace-defense-with-new-chacha20-encrypted-comebacker-backdoor/
-
Drohn-Gebärden aus Nordkorea: Lazarus greift europäische UAV-Hersteller an
ESET Forscher analysieren eine aktuelle Cyberspionage-Kampagne der berüchtigten nordkoreanischen Hackergruppe First seen on welivesecurity.com Jump to article: www.welivesecurity.com/drohn-gebarden-aus-nordkorea-lazarus-greift-europaische-uav-hersteller-an/
-
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
-
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
-
North Korean APTs Upgrade Arsenal: Kimsuky Uses Stealthy HttpTroy, Lazarus Deploys New BLINDINGCAN RAT
The post North Korean APTs Upgrade Arsenal: Kimsuky Uses Stealthy HttpTroy, Lazarus Deploys New BLINDINGCAN RAT appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/north-korean-apts-upgrade-arsenal-kimsuky-uses-stealthy-httptroy-lazarus-deploys-new-blindingcan-rat/
-
Kimsuky and Lazarus Hackers Deploy New Backdoor Tools for Remote Access Attacks
North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to compromised systems. Recent investigations by threat intelligence researchers have uncovered two distinct toolsets from prominent DPRK-aligned hacking groups: Kimsuky’s newly identified HttpTroy backdoor and an upgraded version of Lazarus’s BLINDINGCAN…
-
Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire.According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster called…
-
Lazarus group targets European drone makers in new espionage campaign
Drone-component theft meets geopolitical ambition: The targeting of firms linked to UAV design and manufacture is no coincidence. At least two of the companies compromised were tied to critical drone component supply chains and software systems.”The in-the-wild attacks successively targeted three European companies active in the defense sector,” researchers added. “Although their activities are somewhat…
-
North Korean Hackers Target UAV Industry to Steal Confidential Data
ESET researchers have uncovered a sophisticated cyberespionage campaign targeting European defense companies specializing in unmanned aerial vehicle (UAV) technology. The attacks, attributed to the North Korea-aligned Lazarus group operating under Operation DreamJob, reveal a coordinated effort to steal proprietary manufacturing data and design specifications from critical players in the drone industry. The campaign, observed beginning…
-
North Korean Hackers Target UAV Industry to Steal Confidential Data
ESET researchers have uncovered a sophisticated cyberespionage campaign targeting European defense companies specializing in unmanned aerial vehicle (UAV) technology. The attacks, attributed to the North Korea-aligned Lazarus group operating under Operation DreamJob, reveal a coordinated effort to steal proprietary manufacturing data and design specifications from critical players in the drone industry. The campaign, observed beginning…
-
North Korean hacking group targeting European drone maker with ScoringMathTea malware
Researchers at ESET said they found evidence of a new tentacle of the long-running Operation DreamJob campaign, where North Korea’s Lazarus group sends malware-laden emails purporting to be from recruiters at top companies. First seen on therecord.media Jump to article: therecord.media/north-korea-hackers-target-europe-drone-makers
-
Lazarus targets European defense firms in UAV-themed Operation DreamJob
North Korean Lazarus hackers targeted 3 European defense firms via Operation DreamJob, using fake recruitment lures to hit UAV tech staff. North Korea-linked Lazarus APT group (aka Hidden Cobra) launched Operation DreamJob, compromising three European defense companies. Threat actors used fake recruiter profiles to lure employees into UAV technology roles, aiming to gain access to…