Tag: north-korea
-
Lazarus Hackers Weaponize 234 npm and PyPI Packages to Infect Developers
Sonatype’s automated detection systems have uncovered an expansive and ongoing infiltration of the global open-source ecosystem by the notorious Lazarus Group, a threat actor believed to be backed by North Korea’s Reconnaissance General Bureau. Between January and July 2025, Sonatype identified and blocked 234 malicious software packages deployed through both the npm and PyPI open-source…
-
North Korean hackers target open-source repositories in new espionage campaign
In its latest operation, Lazarus took advantage of major gaps in the open-source software supply chain, like developers depending on unvetted packages and the lack of oversight for popular tools that are often maintained by just one or two people. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-targeting-open-source-repositories
-
Over 200 Malicious Open Source Packages Traced to Lazarus Campaign
North Korea’s Lazarus Group has been blamed for a cyber-espionage campaign using open source packages First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/200-malicious-open-source-lazarus/
-
North Korean APT Hackers Compromise CI/CD Pipelines to Steal Sensitive Data
Tags: apt, cyber, data, data-breach, detection, group, hacker, korea, lazarus, malicious, malware, north-korea, open-source, threatSonatype’s automated malware detection systems have exposed a large-scale and ongoing cyber infiltration campaign orchestrated by the North Korea-backed Lazarus Group, also known as Hidden Cobra. Between January and July 2025, Sonatype identified and blocked 234 unique malware packages attributed to this state-sponsored threat actor across popular open-source registries like npm and PyPI. These malicious…
-
32% of exploited vulnerabilities are now zero-days or 1-days
Russian and Iranian threat activity rises: The security industry attributes only some of the newly discovered exploits to known attacker groups, and only some of those groups have known countries of origin. As a result, statistics on the origin of attacks are not perfect.During the first half of 2025, 181 of CVEs added to the…
-
Researchers Reveal North Korean Threat Actors’ Tactics for Uncovering Illicit Access
Cybersecurity researchers from Flashpoint have exposed the intricate tactics employed by North Korean threat actors to infiltrate global organizations through remote work vulnerabilities. These operatives, affiliated with the Democratic People’s Republic of Korea (DPRK), masquerade as legitimate freelance developers, IT specialists, and contractors, embedding themselves in corporate workflows to siphon off at least $88 million…
-
Lazarus Subgroup ‘TraderTraitor’ Targets Cloud Platforms and Contaminates Supply Chains
Tags: cloud, cyber, cybersecurity, group, lazarus, mandiant, microsoft, north-korea, supply-chain, threatThe North Korean state-sponsored advanced persistent threat (APT) known as TraderTraitor, a subgroup of the notorious Lazarus Group, has emerged as a formidable actor specializing in digital asset heists. Tracked under aliases such as UNC4899, Jade Sleet, TA444, and Slow Pisces by various cybersecurity firms including Mandiant, Microsoft, Proofpoint, and Unit42, TraderTraitor operates under the…
-
US Woman Gets Eight Years for Part in $17m North Korean Scheme
Tags: north-koreaArizonan woman sentenced to 102 months for operating laptop farm for North Korean IT workers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/woman-eight-years-17m-north-korean/
-
Arizona Woman Jailed for Helping North Korea in $17M IT Job Scam
Arizona woman jailed 8.5 years for aiding North Korea’s $17 million IT job scam, defrauding over 300 US companies. Learn how to protect your business from such sophisticated cybersecurity threats. First seen on hackread.com Jump to article: hackread.com/arizona-woman-jailed-help-north-korea-it-job-scam/
-
Security Affairs newsletter Round 534 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Law enforcement operations seized BlackSuit ransomware gang’s darknet sites Arizona woman sentenced for aiding North Korea…
-
Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme
Arizona woman gets 8 years for helping North Korea-linked threat actors to infiltrate 309 U.S. firms with fake IT jobs. Christina Marie Chapman (50) from Arizona, was sentenced to 102 months in prison for aiding North Korean IT workers in infiltrating 309 U.S. companies. She pleaded guilty to charges including aggravated identity theft, conspiracy to…
-
Arizona Woman Sentenced for Aiding North Korean IT Workers in Cyber Operations
Christina Marie Chapman, a 50-year-old Arizona woman, has been sentenced to 102 months in prison for her role in an elaborate fraud scheme that helped North Korean IT workers pose as U.S. citizens to obtain remote positions at over 300 American companies. The scheme generated more than $17 million in illicit revenue for both Chapman…
-
North Korean hackers ran US-based “laptop farm” from Arizona woman’s home
North Korea made millions from the scheme. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/north-korean-hackers-ran-us-based-laptop-farm-from-arizona-womans-home/
-
North Korea’s IT Worker Rampage Continues Amid DoJ Action
Arrests and indictments keep coming, but the North Korean fake IT worker scheme is only snowballing, and businesses can’t afford to assume their applicant-screening processes are up to the task of weeding the imposters out. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/north-korea-it-worker-rampage-doj
-
Treasury sanctions North Koreans involved in IT-worker schemes
Tags: north-koreaAuthorities also charged several of the indicted people with attempting to evade U.S. sanctions on North Korea. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-remote-it-worker-sanctions/754087/
-
US offers $15 million reward for info on North Korean nationals involved in global criminal network
The announcement comes as an Arizona woman was sentenced to more than eight years in jail for her role in running a laptop farm. First seen on cyberscoop.com Jump to article: cyberscoop.com/state-department-reward-north-korea-it-worker-scheme/
-
U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues for Pyongyang.The sanctions target Korea Sobaeksu Trading Company (aka Sobaeksu United Corporation), and Kim Se Un,…
-
U.S. Woman Sentenced to 8.5 Years for Role in North Korean Worker Scam
Christina Marie Chapman, an Arizona resident, was sentenced to 8.5 years in prison for her role in a wide-ranging North Korean IT worker scam that sent $17 million to the outlaw country. Chapman ran a laptop farm from her home, validated stolen U.S. identities for the scammers, and transferred money overseas to the bad actors.…
-
Arizona woman sentenced to 8.5 years for running North Korean laptop farm
Prosecutors said Chapman helped the North Korean IT workers obtain jobs at 309 companies, including a major television network, a car maker, a media company, a Silicon Valley technology company and more. First seen on therecord.media Jump to article: therecord.media/arizona-woman-sentenced-north-korean-laptop-farm
-
US sanctions North Korean firm, nationals behind IT worker schemes
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People’s Republic of Korea (DPRK) government. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-north-korean-firm-nationals-behind-it-worker-schemes/
-
Woman gets 8 years for aiding North Koreans infiltrate 300 US firms
Tags: north-koreaChristina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-woman-sentenced-to-8-years-in-prison-for-running-laptop-farm-helping-north-koreans-infiltrate-300-firms/
-
US Announces $15M Reward for North Korean IT Scheme Leaders
The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and convictions of North Korean nationals involved in extensive revenue generation schemes targeting American companies and citizens. The Department of State’s Transnational Organized Crime Rewards Program is specifically targeting Sim Hyon-sop…
-
Fake-IT-Freelancer: Betreiberin von Nordkorea-Laptopfarm muss 8,5 Jahre in Haft
Tags: north-koreaSeit Jahren infiltrieren nordkoreanische ITler Unternehmen – für Geld und Informationen. Eine US-Bürgerin muss wegen ihrer Mithilfe in Haft. First seen on golem.de Jump to article: www.golem.de/news/fake-it-freelancer-betreiberin-von-nordkorea-laptopfarm-muss-8-5-jahre-in-haft-2507-198512.html
-
Fake-IT-Freelancer: Betreiberin von Nordkorea-Laptopfarm muss 8,5 Jahre in Haft
Tags: north-koreaSeit Jahren infiltrieren nordkoreanische ITler Unternehmen – für Geld und Informationen. Eine US-Bürgerin muss wegen ihrer Mithilfe in Haft. First seen on golem.de Jump to article: www.golem.de/news/fake-it-freelancer-betreiberin-von-nordkorea-laptopfarm-muss-8-5-jahre-in-haft-2507-198512.html
-
US Announces $15M Reward for North Korean IT Scheme Leaders
The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and convictions of North Korean nationals involved in extensive revenue generation schemes targeting American companies and citizens. The Department of State’s Transnational Organized Crime Rewards Program is specifically targeting Sim Hyon-sop…
-
US hits senior North Korean officials with sanctions, $3 million bounties
Kim Se Un, Jo Kyong Hun and Myong Chol Min are accused of helping North Korea evade U.S. and United Nations sanctions through an IT worker plot that involved tricking companies into hiring North Koreans using stolen identities. First seen on therecord.media Jump to article: therecord.media/us-sanctions-north-korean-officers-it-worker-scheme
-
Laptop farmer behind $17M North Korean IT worker scam locked up for 8.5 years
Plus she has to cough up a slice of Pyongyang’s payday First seen on theregister.com Jump to article: www.theregister.com/2025/07/24/laptop_farmer_north_korean_it_scam_sentenced/
-
Cyberattacks Surging Across Indo-Pacific, Researchers Warn
Report Urges Indo-Pacific Cyber Shield Strategy Amid Increased Nation-State Threats. A Center for a New American Security study found China and North Korea are accelerating cyberattacks, influence operations and infrastructure breaches across the Indo-Pacific, as researchers urge the U.S. to help develop a regional cyber shield, and deploy forward cyber teams. First seen on govinfosecurity.com…
-
North Korean hackers blamed for record spike in crypto thefts in 2025
Chainalysis said crypto thefts during the first half of 2025 were at record levels, thanks in large part to a single breach at a major crypto exchange. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/17/north-korean-hackers-blamed-for-record-spike-in-crypto-thefts-in-2025/