Tag: north-korea
-
North Korean IT Worker Network Tied to BeaverTail Phishing Campaign
BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-it-worker-beavertail/
-
North Korea’s Lazarus observed testing new macOS trojan in the wild
First seen on scworld.com Jump to article: www.scworld.com/news/north-koreans-lazarus-observed-testing-new-macos-trojan-in-the-wild
-
Iranian Threat Actors Mimic North Korean Job Scam Techniques
Tehran Baits Aerospace Sector into Downloading Malware With Fake Job Offers. Iranian state hackers are taking a page out of North Korean tactics to entice job seekers into downloading malware, with security researchers spotting a Tehran campaign directed against the aerospace industry. It’s possible that Pyongyang shared its attack methods and tools. First seen on…
-
North Korean’s Lazarus observed testing new macOS trojan in the wild
First seen on scworld.com Jump to article: www.scworld.com/news/lazarus-observed-testing-new-macos-trojan-in-the-wild
-
Biz hired, and fired, a fake North Korean IT worker then the ransom demands began
First seen on theregister.com Jump to article: www.theregister.com/2024/10/18/ransom_fake_it_worker_scam/
-
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr.The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including First seen…
-
RustyAttr Trojan: Lazarus Group’s New macOS Malware Evades Antivirus with Ease
Researchers at Group-IB have discovered a new stealth technique employed by the North Korean APT group Lazarus, targeting macOS systems through a unique code-smuggling method. Known for its sophisticated cyber-espionage... First seen on securityonline.info Jump to article: securityonline.info/rustyattr-trojan-lazarus-groups-new-macos-malware-evades-antivirus-with-ease/
-
Aerospace employees targeted with malicious >>dream job<< offers
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/13/malicious-job-offers-aerospace/
-
Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks
The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023.”The campaign distributed the SnailResin malware, which activates the SlugResin backdoor,” Israeli…
-
North Korean hackers create Flutter apps to bypass macOS security
North Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by legitimate Apple developer IDs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-create-flutter-apps-to-bypass-macos-security/
-
North Korean-linked hackers were caught experimenting with new macOS malware
Researchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-macos-malware-flutter-jamf/
-
North Korean Hackers Target macOS Using Flutter-Embedded Malware
Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices.Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier…
-
North Korea Hackers Leverage Flutter to Deliver macOS Malware
Jamf observed North Korean attackers embedding malware within Flutter applications to target macOS devices, potentially to test a new way of weaponizing malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-hackers-flutter-macos/
-
New Keylogger Targeting U.S. Organizations Linked to North Korean APT Group Andariel
A recent analysis from Hybrid Analysis, led by security researcher Vlad Pasca, reveals a newly identified keylogger malware attributed to the North Ko… First seen on securityonline.info Jump to article: securityonline.info/new-keylogger-targeting-u-s-organizations-linked-to-north-korean-apt-group-andariel/
-
North Korean Hackers Employing New Tactic To Acruire Remote Jobs
North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scrip… First seen on gbhackers.com Jump to article: gbhackers.com/north-korean-hackers-remote-tactics/
-
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financi… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/north-korean-group-collaborates-with.html
-
A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
South Korea claims Pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea’s government blames pro-Russia threat actors for an intensification of cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea reports that over 10,000 North Korean troops are…
-
BlueNoroff’s New MacOS Threat: “Hidden Risk” Targets Crypto Enthusiasts
In a disturbing revelation from SentinelLabs, North Korean-affiliated threat actors, suspected to be linked to the notorious BlueNoroff APT, are actively targeting cryptocurrency businesses and macOS users. Dubbed the ‘Hidden... First seen on securityonline.info Jump to article: securityonline.info/bluenoroffs-new-macos-threat-hidden-risk-targets-crypto-enthusiasts/
-
Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War
South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-hacktivits-south-korea/
-
Seoul accuses pro-Kremlin hackers of attacking websites over decision to monitor North Korean troops in Ukraine
First seen on therecord.media Jump to article: therecord.media/seoul-accuses-pro-kremlin-hackers-of-attacking-websites-ukraine
-
North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms
SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-novel-malware-crypto/
-
North Korea allegedly targeting crypto businesses with Mac-focused malware
First seen on therecord.media Jump to article: therecord.media/north-korea-bluenoroff-mac-malware-crypto-industry
-
North Korean hackers use new macOS malware against crypto firms
North Korean threat actor BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-macos-malware-against-crypto-firms/
-
North Korea’s Andariel Pivots to ‘Play’ Ransomware Games
The prominent state-sponsored advanced persistent threat (APT), aka Jumpy Pisces, appears to be moving away from its primary cyber-espionage motives a… First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/north-korea-andariel-play-ransomware
-
North Korean Hackers Target macOS Users
North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics. The post North Korean Hackers Target macOS Users appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs/
-
North Korean Hackers Target macOS Users with Fake Crypto PDFs
North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics. The post North Korean Hackers Target macOS Users with Fake Crypto PDFs appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs/
-
DPRK-linked BlueNoroff used macOS malware with novel persistence
SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as >>Hidden Risk.
-
North Korean Hackers Use Fake News to Spread ‘Hidden Risk’ Malware
North Korean hackers are targeting cryptocurrency businesses with a sophisticated new malware campaign, dubbed >>Hidden Risk.
-
North Korean hackers employ new tactics to compromise crypto-related businesses
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/07/north-korean-crypto-related-phishing/
-
Contagious Interview WageMole: North Korea’s New Cyber Espionage Campaigns
In a recent report, Zscaler ThreatLabz uncovers the creative yet deceptive strategies used by North Korean threat actors to infiltrate Western job markets. Through two interconnected campaigns”, Contagious Interview and WageMole”, these... First seen on securityonline.info Jump to article: securityonline.info/contagious-interview-wagemole-north-koreas-new-cyber-espionage-campaigns/