Tag: north-korea

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

Jun 25, 2025 10:35 AM

Tags: attack, cybersecurity, korea, malicious, north-korea, supply-chain

Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea.According to Socket, the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts. These packages have been collectively downloaded over 4,000 times. The complete list of the JavaScript…
North Korean Hackers Use Malicious Zoom Apps to Execute System-Takeover Attacks

Jun 24, 2025 12:35 PM

Tags: attack, cyber, cybersecurity, hacker, malicious, north-korea, scam, social-engineering, threat

Cybersecurity researchers and targeted individuals have reported a highly sophisticated scam orchestrated by suspected North Korean hackers. This attack, disguised as a legitimate Zoom meeting, leverages advanced social engineering techniques to trick professionals into compromising their systems. The campaign, which surfaced recently, highlights the growing audacity and technical prowess of state-sponsored threat actors aiming to…
OpenAI Used Globally for Attacks FireTail Blog

Jun 24, 2025 5:35 AM

Tags: access, ai, attack, botnet, chatgpt, china, control, election, espionage, exploit, extortion, germany, hacker, Internet, iran, jobs, korea, malicious, malware, north-korea, openai, penetration-testing, russia, scam, social-engineering, vulnerability, windows

Jun 23, 2025 – – In 2025, virtually no one is a stranger to OpenAI’s ChatGPT. It is one of the most popular AI applications on the Internet, and almost everyone is using it from your boss, to your neighbor, to the passive-aggressive friend sending you oddly phrased text messages.But since it is relatively new,…
Successful Military Attacks are Driving Nation States to Cyber Options

Jun 24, 2025 5:35 AM

Tags: attack, china, communications, computing, cyber, cyberattack, cybersecurity, data, defense, exploit, extortion, finance, fraud, government, healthcare, infrastructure, iran, korea, middle-east, military, north-korea, russia, service, tactics, technology, tool, ukraine, vulnerability, warfare

With daring military attacks, kinetic warfare is shifting the balance of power in regions across the globe, upending the perception of power projection. Powerful nations are reeling from the impacts of bold assaults and seeking additional methods to drive foreign policy”Š”, “Šcyber may look as an appealing asymmetric warfare capability that is worth doubling-down on.…
North Korean Hackers Weaponize GitHub Infrastructure to Distribute Malware

Jun 23, 2025 4:35 PM

Tags: attack, cyber, cybersecurity, github, group, hacker, infrastructure, malicious, malware, north-korea, powershell, threat

Cybersecurity researchers have uncovered a sophisticated spearphishing campaign orchestrated by the North Korean threat group Kimsuky, leveraging GitHub as a critical piece of attack infrastructure to distribute malware since March 2025. This operation, identified through analysis of a malicious PowerShell script posted on X, showcases an alarming abuse of legitimate platforms like GitHub and Dropbox…
BlueNoroff Hackers Exploit Zoom App to Deploy Infostealer Malware in Targeted Attacks

Jun 23, 2025 3:35 PM

Tags: attack, cyber, exploit, hacker, lazarus, malware, north-korea, social-engineering, threat

The Field Effect Analysis team has uncovered a targeted social engineering campaign orchestrated by the North Korean state-sponsored threat actor BlueNoroff, a financially motivated subgroup of the notorious Lazarus Group. A Canadian online gambling provider fell victim to a meticulously crafted attack involving impersonation of a trusted contact and the Zoom platform. Sophisticated Social Engineering…
North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft

Jun 23, 2025 5:35 AM

Tags: crypto, deep-fake, macOS, malware, north-korea, scam, theft

The post North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/north-korean-bluenoroff-uses-deepfakes-in-zoom-scams-to-install-macos-malware-for-crypto-theft/
BitoPro exchange links Lazarus hackers to $11 million crypto heist

Jun 20, 2025 8:36 PM

Tags: crypto, cyberattack, group, hacker, hacking, lazarus, north-korea, theft

The Taiwanese cryptocurrency exchange BitoPro claims the North Korean hacking group Lazarus is behind a cyberattack that led to the theft of $11,000,000 worth of cryptocurrency on May 8, 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitopro-exchange-links-lazarus-hackers-to-11-million-crypto-heist/
Liverübertragung einer Kirche aus Südkorea gehackt?

Jun 20, 2025 10:35 AM

Tags: cyberattack, north-korea

Seoul church suspects cyberattack behind North Korean flag appearance in livestream First seen on koreajoongangdaily.joins.com Jump to article: koreajoongangdaily.joins.com/news/2025-06-20/national/socialAffairs/Seoul-church-suspects-cyberattack-behind-North-Korean-flag-appearance-in-livestream/2334617
North Korean Hackers Deploy Malware Using Weaponized Calendly and Google Meet Links

Jun 19, 2025 9:35 PM

Tags: attack, crypto, cyber, google, group, hacker, macOS, malicious, malware, north-korea, threat

The North Korean state-sponsored threat actor group, identified as TA444 (also known as BlueNoroff, Sapphire Sleet, and others), has unleashed a sophisticated malware campaign targeting cryptocurrency foundations. This intricate attack, uncovered by Huntress, leverages weaponized Calendly links and deceptive Google Meet invitations to deliver a barrage of malicious payloads, specifically designed for macOS systems. The…
Cryptohack Roundup: $100 Million Iranian Cryptocurrency Hack

Jun 19, 2025 8:36 PM

Tags: ceo, crypto, iran, korea, north-korea, scam

Also: Gotbit CEO Sentencing, US Authorities Seize $225M Tied to Scams. This week, $100 million Nobitex hack, Gotbit CEO sentenced, support for Roman Storm, Trump’s crypto earnings, North Korea’s Codebase infiltration, Haru Invest CEO acquitted, $225 million scam funds seized and New York disrupted a $1 million scam. First seen on govinfosecurity.com Jump to article:…
North Korean Hackers Deploy Python-Based Trojan Targeting Crypto

Jun 19, 2025 5:36 PM

Tags: crypto, hacker, jobs, north-korea, rat

Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-hackers-python-trojan/
North Korea’s BlueNoroff uses AI deepfakes to push Mac malware in fake Zoom calls

Jun 19, 2025 3:36 PM

Tags: access, ai, attack, backdoor, control, crypto, data, deep-fake, defense, detection, edr, endpoint, injection, korea, least-privilege, macOS, malicious, malware, north-korea, threat, tool, training

Campaign delivers modular, persistent, Mac-specific malware: Huntress recovered a total of eight distinct malicious binaries, each with specific tasks. The primary implant, ‘Telegram 2’, was written in Nim and embedded itself as a macOS LaunchDaemon to maintain persistence. It acted as a launchpad for the real power tools, including Go-based ‘Root Troy V4’ backdoor and…
N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam

Jun 19, 2025 2:35 PM

Tags: access, blockchain, crypto, hacker, jobs, malware, north-korea, phishing, scam

North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools. First seen on hackread.com Jump to article: hackread.com/n-korean-hackers-pylangghost-malware-crypo-job-scam/
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware

Jun 19, 2025 2:35 PM

Tags: apple, attack, backdoor, crypto, cyber, deep-fake, korea, macOS, malware, north-korea, scam, threat

The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices.Huntress, which revealed details of the cyber intrusion, said the attack targeted an unnamed cryptocurrency foundation employee, who received…
U.S. Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam

Jun 17, 2025 6:54 PM

Tags: korea, north-korea, scam

The DOJ is moving to collect $7.74 million seized two years ago in connection with a criminal case involving an IT worker scam run by North Korean operatives. The case is one of many that have been running in the United States and elsewhere for almost a decade. First seen on securityboulevard.com Jump to article:…
U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network

Jun 16, 2025 9:54 PM

Tags: crypto, exploit, korea, network, north-korea

The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea.”For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems…
North Korean APT Hackers Target Ukrainian Government Agencies to Steal Login Credentials

Jun 16, 2025 1:54 PM

Tags: apt, attack, credentials, cyber, government, group, hacker, login, north-korea, phishing, threat, ukraine

North Korean Advanced Persistent Threat (APT) hackers, specifically the Konni group, have shifted their focus to Ukrainian government agencies in a targeted phishing campaign aimed at stealing login credentials and distributing malware. This attack, observed in February 2025, marks a notable divergence from the group’s traditional targets and raises questions about potential strategic alliances with…
Cybersecurity Snapshot: NIST Offers Zero Trust Implementation Advice, While OpenAI Shares ChatGPT Misuse Incidents

Jun 13, 2025 7:54 PM

Tags: access, ai, attack, best-practice, breach, chatgpt, china, cloud, computer, computing, control, credentials, crime, cyber, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, encryption, endpoint, exploit, finance, fraud, government, guide, Hardware, identity, infrastructure, intelligence, Internet, iot, korea, law, least-privilege, linkedin, malicious, malware, military, ml, mobile, monitoring, network, nist, north-korea, openai, phishing, phone, programming, ransomware, risk, russia, scam, service, social-engineering, software, supply-chain, technology, theft, threat, tool, update, vulnerability, zero-trust

Check out NIST best practices for adopting a zero trust architecture. Plus, learn how OpenAI disrupted various attempts to abuse ChatGPT. In addition, find out what Tenable webinar attendees said about their exposure management experiences. And get the latest on cyber crime trends, a new cybersecurity executive order and more! Dive into six things that…
Is attacker laziness enabled by genAI shortcuts making them easier to catch?

Jun 11, 2025 5:55 AM

Tags: ai, attack, chatgpt, ciso, control, cyberattack, data, defense, detection, email, fraud, gartner, group, Hardware, infrastructure, jobs, korea, malicious, malware, monitoring, north-korea, open-source, openai, risk, russia, software, strategy, tactics, threat, tool, windows

Tactics of attackers: The OpenAI report, published in June, detailed a variety of defenses the company has deployed against fraudsters. One, for example, involved bogus job applications.”We identified and banned ChatGPT accounts associated with what appeared to be multiple suspected deceptive employment campaigns. These threat actors used OpenAI’s models to develop materials supporting what may…
OpenAI’s ChatGPT a Hit With Nation-State Hackers

Jun 10, 2025 7:55 PM

Tags: ai, chatgpt, china, hacker, intelligence, iran, korea, malicious, malware, north-korea, openai, russia, tool

Malicious Accounts Linked to Malware, Influence Operations. OpenAI is using its artificial intelligence models to detect and counter abuse and has banned accounts associated with malicious state-linked operations. Hackers aligned with Russia, China, North Korea and Iran have used OpenAI’s tools for malware development and social media manipulation. First seen on govinfosecurity.com Jump to article:…
North Korean APT Hackers Target Users on Social Media to Spread Malware

Jun 10, 2025 7:55 PM

Tags: apt, cyber, email, group, hacker, hacking, korea, malware, north-korea, threat

The Genians Security Center (GSC) has uncovered a highly sophisticated Advanced Persistent Threat (APT) campaign orchestrated by the North Korean state-sponsored hacking group Kimsuky. Active between March and April 2025, this campaign, identified as part of the notorious ‘AppleSeed’ operation, targets individuals in South Korea through a multi-pronged approach using Facebook, email, and Telegram. Sophisticated…
Kimsuky’s AppleSeed Returns: North Korea-Linked APT Targets Korean Users via Social Media

Jun 10, 2025 5:55 AM

Tags: apt, korea, north-korea

The post Kimsuky’s AppleSeed Returns: North Korea-Linked APT Targets Korean Users via Social Media appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/kimsukys-appleseed-returns-north-korea-linked-apt-targets-korean-users-via-social-media/
DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

Jun 9, 2025 9:55 PM

Tags: crypto, finance, north-korea, scam

US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes, per a new DOJ forfeiture complaint. The DOJ filed a civil forfeiture complaint for $7.74M in crypto tied to North Korean fake IT worker schemes linked to the indictment of North Korean Foreign Trade Bank (FTB) representative Sim Hyon Sop.…
U.S. Targets $7.7M in Crypto Tied to North Korean IT Worker Scam

Jun 9, 2025 4:54 PM

Tags: crypto, cyber, north-korea, scam

On June 5, 2025, the United States Department of Justice (DOJ) filed a verified civil forfeiture complaint in the US District Court for the District of Columbia, seeking to permanently seize over $7.7 million in cryptocurrency, non-fungible tokens (NFTs), and digital assets linked to a sophisticated global laundering operation orchestrated by North Korea. The assets…
US Tries to Claw Back $7m Taken by North Korean IT Workers

Jun 9, 2025 11:55 AM

Tags: north-korea

The Justice Department has filed a civil forfeiture complaint alleging North Korean IT workers amassed $7m+ First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-7m-taken-by-north-korean-it/
Kimsuky Strikes Again Coordinated Attacks Target Facebook, Email, and Telegram

Jun 9, 2025 8:54 AM

Tags: attack, crypto, cyber, defense, email, espionage, group, korea, north-korea, threat

A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Facebook, email, and Telegram to infiltrate targets primarily within the defense sector, North Korea-related activists, and cryptocurrency…
Over $7.7M in crypto sequestered from North Korean IT worker scam

Jun 6, 2025 9:54 PM

Tags: crypto, north-korea, scam

First seen on scworld.com Jump to article: www.scworld.com/brief/over-7-7m-in-crypto-sequestered-from-north-korean-it-worker-scam
Microsoft startet neues europäisches Sicherheitsprogramm

Jun 6, 2025 3:55 PM

Tags: ai, china, crime, crimes, cyber, cyberattack, cybercrime, cyberespionage, cyersecurity, deep-fake, governance, government, guide, infrastructure, intelligence, iran, LLM, microsoft, north-korea, open-source, ransomware, resilience, service, social-engineering, supply-chain, threat, ukraine, update, usa, vulnerability

Microsoft will die Cybersicherheit in Europa stärken.Microsoft warnt davor, dass sich Ransomware-Gruppen und staatlich geförderte Akteure aus Russland, China, dem Iran und Nordkorea in Umfang und Raffinesse stetig weiterentwickeln. Europa dürfe daher nicht zögern, seine Verteidigungsmechanismen zu stärken. Der Tech-Konzern will deshalb mit einer neuen Initiative bestehende Schutzprogramme erweitern und gezielt auf europäische Bedürfnisse eingehen.Das…
Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring

Jun 6, 2025 3:55 PM

Tags: north-korea

The cash has been frozen for more than two years First seen on theregister.com Jump to article: www.theregister.com/2025/06/06/north_korea_it_worker_cash/