Tag: north-korea
-
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
Tags: access, ai, chatgpt, china, credentials, cyberattack, hacker, intelligence, malware, north-korea, openai, russia, threat, tool
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian-language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator…
-
North Korean hackers stole over $2 billion in crypto this year
North Korean hackers have stolen an estimated $2 billion worth of cryptocurrency assets in 2025, marking the largest annual total on record. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/cryptocurrency/north-korean-hackers-stole-over-2-billion-in-crypto-this-year/
-
North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say
Blockchain monitoring firm Elliptic said this year’s total is already an all-time record for the North Korean regime. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/07/north-korean-hackers-stole-over-2-billion-in-crypto-so-far-in-2025-researchers-say/
-
North Korea IT worker scheme swells beyond US companies
Okta Threat Intelligence uncovered a large-scale and sustained operation, reflecting the North Korean regime’s pursuit of any opportunity that allows for remote employment. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-it-worker-global-scheme-okta/
-
North Korea Fake Job Recruiters Up Their Backdoor Game
Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat Actor. A gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-fake-job-recruiters-up-their-backdoor-game-a-29586
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
North Korea’s Lazarus Group shares its malware with IT work scammers
Keeping Pyongyang’s coffers full First seen on theregister.com Jump to article: www.theregister.com/2025/09/25/lazarus_group_shares_malware_with_it_scammers/
-
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/north-korea-fake-profiles-crypto-theft/
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…
-
North Korean IT Worker Gains Access to Organization’s Network Through Innocent Job Application
In today’s complex threat landscape, adversaries increasingly favor “malware-less” intrusion methods that slip past traditional defenses. One particularly insidious scheme involves North Korean operatives posing as legitimate remote IT professionals to infiltrate corporate networks. Trellix researchers recently uncovered a campaign in which a fake applicant seamlessly advanced through hiring stages at a major U.S. healthcare…
-
What to do if your company discovers a North Korean worker in its ranks
Experts say companies often struggle to manage the aftermath when they discover an employee’s true identity is not what it seemed. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korean-it-workers-enterprise-risks-sanctions-response/
-
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground for international conflict. Russia is leveraging cyber-attacks to alleviate economic pressure from international sanctions and to enhance its war-fighting capabilities, targeting key industries in major countries around the globe. In November…
-
Russia and China Target the German Economy
According to a Bitkom survey, most cyberattacks on companies in Germany still come from Russia and China. Nearly three in four companies in the country report increasing attacks, both analog and digital. The damage is estimated at around 289 billion euros. This is the result of a representative survey of more than 1,000 companies from different sectors by the digital association Bitkom. According to this…
-
BeaverTail Malware Delivered Through Malicious Repositories Targets Retailers
Tech Note: BeaverTail variant distributed via malicious repositories and ClickFix lure. 17 September 2025, Oliver Smith, GitLab Threat Intelligence. We have identified infrastructure distributing BeaverTail and InvisibleFerret malware since at least May 2025, operated by North Korean actors tracked as Contagious Interview and Famous Chollima. The campaign uses ClickFix lures to target marketing and […] The…
-
North Korean operation uses ChatGPT to forge military IDs as part of cyberattack
The hacking group known as Kimsuky used generative AI to create South Korean military IDs used in a phishing campaign against defense-related institutions, researchers said. First seen on therecord.media Jump to article: therecord.media/north-korea-kimsuky-hackers-phishing-fake-military-ids-chatgpt
-
North Korean Group Targets South With Military ID Deepfakes
The North Korea-linked group Kimsuky used ChatGPT to create deepfakes of military ID documents in an attempt to compromise South Korean targets. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korean-group-south-military-id-deepfakes
-
North Korean Hackers Weaponize ChatGPT in AI-Driven Phishing Attack
North Korea’s Kimsuky hackers used ChatGPT to forge government IDs in a phishing attack, marking a new era of AI-powered cyber warfare. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-weaponize-chatgpt-in-ai-driven-phishing-attack/
-
North Korea’s Kimsuky Group Uses AI-Generated Military IDs in New Attack
North Korea’s Kimsuky hackers use AI-generated fake military IDs in a new phishing campaign, GSC warns, marking a… First seen on hackread.com Jump to article: hackread.com/north-korea-kimsuky-group-ai-generated-military-ids/
-
AI-Forged Military IDs Used in North Korean Phishing Attack
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-military-ids-north-korea/
-
Pro-Russian Hackers Target Critical Industries Across the Globe
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has emerged as a central battleground for international conflict. Russia is increasingly using cyber-attacks as a strategic tool to alleviate economic pressure from international sanctions and to bolster its war capabilities. This shift has led to…
-
Proton Mail Suspends E-Mail Accounts After North Korea Hack
Because the author from the PDF magazine Phrack "could cause further damage to their service", Proton Mail suspended several e-mail accounts. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/proton-mail-sperrt-e-mail-accounts-nach-nordkorea-hack-320571.html

