Tag: north-korea
-
Breach Roundup: React Flaw Incites Supply Chain Risk
Also, Microsoft Badly Patches LNK Flaw, Australian Sentenced for ‘Evil Twin’ Hack. This week, the React flaw, a belated Windows fix, Defense Secretary Pete Hegseth’s Signal group posed operational risk, more North Korean npm packages. An Australian jailed for Wi-Fi evil twin crimes. The US FTC will send $15.3 million to Avast users. A London…
-
LummaC2 Infects North Korean Hacker Device Linked to Bybit Heist
LummaC2 infostealer infects North Korean hacker’s device, exposing ties to $1.4B Bybit heist and revealing tools, infrastructure and OPSEC failures. First seen on hackread.com Jump to article: hackread.com/north-korean-hacker-device-lummac2-infostealer-bybit/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
North Korea lures engineers to rent identities in fake IT worker scheme
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korea-lures-engineers-to-rent-identities-in-fake-it-worker-scheme/
-
North Korea lures engineers to rent identities in fake IT worker scheme
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korea-lures-engineers-to-rent-identities-in-fake-it-worker-scheme/
-
DPRK’s ‘Contagious Interview’ Spawns Malicious Npm Package Factory
North Korean attackers have delivered more than 197 malicious packages with 31K-plus downloads since Oct. 10, as part of ongoing state-sponsored activity to compromise software developers. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/contagious-interview-malicious-npm-package-factory
-
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.For the first time, researchers…
-
DPRK’s ‘Contagious Interview’ Spawns Malicious Npm Package Factory
North Korean attackers have delivered more than 197 malicious packages with 31K-plus downloads since Oct. 10, as part of ongoing state-sponsored activity to compromise software developers. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/contagious-interview-malicious-npm-package-factory
-
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.For the first time, researchers…
-
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening. First seen on therecord.media Jump to article: therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
-
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening. First seen on therecord.media Jump to article: therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
-
KimJongRAT Strikes Windows Users via Malicious HTA Files
Security researchers have confirmed that KimJongRAT, a sophisticated remote access Trojan attributed to the Kimsuky group and believed to be backed by North Korea, is being actively distributed via weaponized .hta files targeting Windows users. The discovery reveals a carefully orchestrated attack chain designed to harvest sensitive credentials and system information from compromised machines. The…
-
North Korea’s >>Contagious Interview<< Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware
The post North Korea’s >>Contagious Interview
-
North Korea’s >>Contagious Interview<< Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware
The post North Korea’s >>Contagious Interview
-
Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware
North Korea-linked actors behind Contagious Interview uploaded 197 new malicious npm packages to distribute a new OtterCookie malware version. North Korea-linked threat actors added 197 new malicious npm packages to spread updated OtterCookie malware as part of the ongoing Contagious Interview campaign, cybersecurity firm Socket warns. TheContagious Interviewcampaign, active since November 2023 and linked to…
-
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month.According to Socket, these packages have been downloaded over 31,000 times, and are designed to deliver a variant of OtterCookie that brings together the features of BeaverTail and prior versions of…
-
Rare APT Collaboration Emerges Between Russia and North Korea
Researchers say Russia’s Gamaredon and North Korea’s Lazarus may be sharing infrastructure, a rare APT collaboration. The post Rare APT Collaboration Emerges Between Russia and North Korea appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apt-collaboration-russia-north-korea/
-
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist
Tags: attack, breach, data, finance, group, korea, leak, msp, north-korea, ransomware, service, supply-chainSouth Korea’s financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware.”This operation combined the capabilities of a major Ransomware-as-a-Service (RaaS) group, Qilin, with potential involvement from North Korean state-affiliated actors (Moonstone Sleet), leveraging Managed Service Provider (MSP) First seen on…
-
North Korean Hackers Evade UN Sanctions Through Cyber Operations and Crypto Schemes
The Multilateral Sanctions Monitoring Team (MSMT) has released a comprehensive report documenting systematic violations of UN sanctions by North Korea. Between 2024 and 2025, North Korean cyber operations have achieved unprecedented scale in cryptocurrency theft. In 2024 alone, DPRK-linked actors stole approximately USD 1.19 billion a 50 percent year-on-year increase. Revealing how the Democratic People’s…
-
North Korean Hackers Evade UN Sanctions Through Cyber Operations and Crypto Schemes
The Multilateral Sanctions Monitoring Team (MSMT) has released a comprehensive report documenting systematic violations of UN sanctions by North Korea. Between 2024 and 2025, North Korean cyber operations have achieved unprecedented scale in cryptocurrency theft. In 2024 alone, DPRK-linked actors stole approximately USD 1.19 billion a 50 percent year-on-year increase. Revealing how the Democratic People’s…
-
Rare APT Collaboration Emerges Between Russia and North Korea
Researchers say Russia’s Gamaredon and North Korea’s Lazarus may be sharing infrastructure, a rare APT collaboration. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/news-russia-north-korea-apt-collab/
-
Geopolitik und Hacktivismus als ein Trend der Cyberkriminalität
Bitdefender hat eine Analyse von Ransomware-Angriffen auf Unternehmen im südkoreanischen Finanzmarkt vorgestellt. Urheber der Angriffe ist die normalerweise wirtschaftlich motiviert agierende Ransomware-as-a-Service-Gruppe Qilin. Möglicherweise arbeitete Qilin diesmal mit Moonstone Sleet, einer Gruppe aus Nordkorea mit Regierungshintergrund, zusammen. Die Angreifer gingen dabei den Weg über die Supply-Chain und nutzen Schwachstellen von Serviceanbietern als Eintrittstor für ihre…
-
Russian and North Korean Hackers Forge Global Cyberattack Alliance
Tags: cyber, cyberattack, group, hacker, infrastructure, korea, lazarus, north-korea, russia, threat, warfareState-sponsored hackers from Russia and North Korea are collaborating on shared infrastructure, marking a significant shift in cyber geopolitics. Security researchers have uncovered evidence suggesting that Gamaredon, a Russia-aligned advanced persistent threat (APT) group, and Lazarus, North Korea’s primary cyber warfare unit, may be operating jointly a development with profound implications for global security. Russia…
-
North Korean Scam Job Platform Targets U.S. AI Developers
A sophisticated new variant of the North Korean-linked Contagious Interview campaign has emerged, featuring an unprecedented level of polish and technical sophistication designed to compromise job-seeking AI developers, software engineers, and cryptocurrency professionals. Unlike typical DPRK IT worker infiltration schemes, this operation targets real individuals through an elaborate fake recruitment platform that mimics legitimate hiring…
-
North Korean Scam Job Platform Targets U.S. AI Developers
A sophisticated new variant of the North Korean-linked Contagious Interview campaign has emerged, featuring an unprecedented level of polish and technical sophistication designed to compromise job-seeking AI developers, software engineers, and cryptocurrency professionals. Unlike typical DPRK IT worker infiltration schemes, this operation targets real individuals through an elaborate fake recruitment platform that mimics legitimate hiring…