Tag: north-korea
-
U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5
The DOJ, which has move aggressively over the past year to find and shut down North Korea’s numerous IT worker scams, indicts two U.S. citizens and three others for running a six-year operation the stole more than $866,000 from 10 U.S. companies that thought they were hiring legitimate IT pros. First seen on securityboulevard.com Jump…
-
Privacy Roundup: Week 4 of Year 2025
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
DOJ indicts 5 individuals in North Korea IT worker scam
An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618500/DOJ-indicts-5-individuals-in-North-Korea-IT-worker-scam
-
DOJ indicts two Americans for running laptop farm used in North Korea IT worker scam
The Justice Department indicted five people for their role in a scheme that allowed North Koreans to gain employment with at least 64 U.S. companies and earn hundreds of thousands of dollars for Pyongyang’s government. ]]> First seen on therecord.media Jump to article: therecord.media/doj-indicts-americans-for-running-laptop-farm-north-korea-scheme
-
Breach Roundup: Researchers Find Flaws in Palo Alto Firewalls
Also: US Prosecutors Charge Suspected North Korean IT Worker Collaborators. This week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPi package and a Russian threat actor shifted tactics. BreachForums admin faces prison and scammers used the release of…
-
DOJ indicts five in North Korean fake IT worker scheme
The department alleges that a North Carolina-based laptop farm enabled access for two North Korean nationals over the course of the scheme. First seen on cyberscoop.com Jump to article: cyberscoop.com/doj-indicts-five-in-north-korean-fake-it-worker-scheme/
-
FBI: North Korean IT workers steal source code to extort employers
The FBI warned today that North Korean IT workers are abusing their access to steal source code and extort U.S. companies that have been tricked into hiring them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-north-korean-it-workers-steal-source-code-to-extort-employers/
-
Japanese Companies Threatened by DPRK IT Workers
Nisos Japanese Companies Threatened by DPRK IT Workers The Japanese government warned domestic companies in March 2024 about contracting North Korean (DPRK) IT workers posing as Japanese nationals to earn cash, as it is suspected… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/japanese-companies-threatened-by-dprk-it-workers/
-
US hits back against China’s Salt Typhoon group
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerabilityThe US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking.On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
-
Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware.”The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews,” Ryan Sherstobitoff, senior vice president of…
-
North Korea’s Lazarus APT Evolves Developer-Recruitment Attacks
Operation 99 uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-korea-lazarus-apt-developer-recruitment-attacks
-
US, Japan and S. Korea urge crypto industry to take action against North Korean hackers
The governments said North Korea’s notorious Lazarus Group hackers “continue to demonstrate a pattern of malicious behavior in cyberspace by conducting numerous cybercrime campaigns to steal cryptocurrency and targeting exchanges, digital asset custodians, and individual users.”]]> First seen on therecord.media Jump to article: therecord.media/us-japan-south-korea-urge-crypto-industry-of-north-korean-hackers
-
Crypto klepto North Korea stole $659M over just 5 heists last year
US, Japan, South Korea vow to intensify counter efforts First seen on theregister.com Jump to article: www.theregister.com/2025/01/15/north_korea_crypto_heists/
-
North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam.The new evidence suggests that Pyongyang-based threamoret groups may have pulled off illicit money-making scams that predate the use of IT workers, SecureWorks Counter Threat Unit (CTU) said in a report shared with…
-
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists
The US, Japan, and South Korea say North Korean hackers stole roughly $660 million in cryptocurrency last year. The post US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-japan-south-korea-blame-north-korean-hackers-for-660m-crypto-heists/
-
Secureworks Exposes North Korean Links to Fraudulent Crowdfunding
Secureworks Counter Threat Unit (CTU) has identified links between North Korean IT workers and fraudulent crowdfunding activities, with the group known as Nickle Tapestry orchestrating scams to support North Korean interests First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-links-fraudulent/
-
Millions Stolen: North Korea Hackers Target Blockchain Industry
The United States, Japan, and the Republic of Korea have joined forces to issue a stark warning to First seen on securityonline.info Jump to article: securityonline.info/millions-stolen-north-korea-hackers-target-blockchain-industry/
-
US govt says North Korea stole over $659 million in crypto last year
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/
-
US government charges operators of crypto mixing service used by North Korea and ransomware gangs
Three Russian citizens were charged with money laundering for their role in operating Blender.io and Sinbad.io crypto mixing services. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/
-
US charges operators of cryptomixers linked to ransomware gangs
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to launder ransoms and stolen cryptocurrency. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-charges-operators-of-cryptomixers-linked-to-ransomware-gangs/
-
The deepfake threat just got a little more personal
Tags: access, ai, api, business, cybercrime, deep-fake, finance, google, jobs, north-korea, scam, technology, threatA two-hour conversation with an AI model is enough to create a fairly accurate image of a real person’s personality, according to researchers from Google and Stanford University.As part of a recent study, the researchers were able to generate “simulation agents”, essentially AI replicas, of 1,052 people based on two-hour interviews with each participant. These…
-
North Korean Hackers Wipe Cryptocurrency Wallets via Fake Job Interviews
Tags: attack, crypto, cyber, cyberattack, cybersecurity, exploit, hacker, jobs, linkedin, north-korea, phishing, tactics, threatCybersecurity experts have uncovered a new wave of cyberattacks linked to North Korean threat actors targeting cryptocurrency wallets in an operation dubbed the >>Contagious Interview
-
Breach Roundup: MetLife Denies RansomHub Cyberattack Claims
Also: German Prosecutors Charge Three Alleged Russian Saboteurs. This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-metlife-denies-ransomhub-cyberattack-claims-a-27199
-
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela.”This final rule is a crucial step forward in addressing the extraordinary…
-
Security Affairs newsletter Round 504 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Pro-Russia group NoName targeted the websites of Italian airports North Korea actors use OtterCookie malware in Contagious Interview…
-
North Korea actors use OtterCookie malware in Contagious Interview campaign
North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers. The Contagious Interview campaign was first detailed by Palo Alto Networks…
-
North Korean hackers, organization sanctioned over illicit cyber activities
First seen on scworld.com Jump to article: www.scworld.com/brief/north-korean-hackers-organization-sanctioned-over-illicit-cyber-activities