Tag: north-korea

‘Moonstone Sleet’ APT Melds Espionage, Financial Goals

Jun 6, 2024 7:04 PM

Tags: apt, cybercrime, espionage, finance, korea, microsoft, north-korea, threat

North Korea’s newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime’s tricks, too. It also developed a whole v… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-moonlight-sleet-apt-melds-espionage-financial-goals
An American Company Enabled a North Korean Scam That Raised Money for WMDs

Jun 5, 2024 3:03 PM

Tags: corporate, fraud, north-korea, scam

Wyoming’s secretary of state has proposed ways of preventing fraud and abuse of corporate filings by commercial registered agents in the aftermath of … First seen on wired.com Jump to article: www.wired.com/story/registered-agents-north-korean-scam-wmds/
New North Korean Hacking Group Identified by Microsoft

Jun 4, 2024 4:04 PM

Tags: group, hacking, microsoft, north-korea

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-north-korean-hacking-group/
North Korea Building Cash Reserves Using Ransomware, Video Games

Jun 4, 2024 3:03 PM

Tags: korea, north-korea, ransomware

First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35934/North-Korea-Building-Cash-Reserves-Using-Ransomware-Video-Games.html
Moonstone Sleet: A new North Korean threat actor

Jun 2, 2024 9:03 AM

Tags: cyberespionage, microsoft, north-korea, ransomware, threat

Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware atta… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/29/moonstone-sleet-north-korean-threat-actor/
RedTail Cryptomining Malware Exploits PAN-OS Vulnerability

May 31, 2024 10:03 PM

Tags: exploit, korea, lazarus, malware, north-korea, tactics, threat, vulnerability

Threat Actors Mirror the Tactics of North Korea’s Lazarus Group. Cryptomining malware that might be North Korean in origin is targeting edge devices, … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/redtail-cryptomining-malware-exploits-pan-os-vulnerability-a-25371
Novel FakePenny ransomware deployed by North Korean hacking group

May 31, 2024 9:03 PM

Tags: group, hacking, north-korea, ransomware

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/novel-fakepenny-ransomware-deployed-by-north-korean-hacking-group
North Korea’s ‘Moonstone Sleet’ targets victims with malicious tools

May 31, 2024 9:03 PM

Tags: korea, malicious, north-korea, tool

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/north-koreas-moonstone-sleet-targets-victims-with-malicious-tools
Alert: Kimsuky Hacking Group Targets Human Rights Activists

May 31, 2024 6:03 PM

Tags: attack, group, hacking, korea, north-korea, social-engineering

As per recent reports a new social engineering attack attributed to the North Korea-linked Kimsuky hacking group is targeting human rights activists u… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/alert-kimsuky-hacking-group-targets-human-rights-activists/
RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign

May 30, 2024 10:04 PM

Tags: exploit, flaw, group, hacker, korea, lazarus, malware, network, north-korea, vulnerability

Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network’s PAN… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/redtail-malware-abuses-palo-alto-flaw-in-latest-cryptomining-campaign/
New North Korean Threat Actor Engaging in Espionage, Revenue Generation Attacks

May 30, 2024 2:03 PM

Tags: attack, espionage, microsoft, north-korea, tactics, threat

Microsoft dives into the tactics, techniques, and procedures of North Korean threat actor Moonstone Sleet. The post t dives into the tactics, techniqu… First seen on securityweek.com Jump to article: www.securityweek.com/new-north-korean-threat-actor-engaging-in-espionage-revenue-generation-attacks/
Microsoft links North Korean hackers to new FakePenny ransomware

May 30, 2024 12:13 AM

Tags: attack, group, hacker, hacking, microsoft, north-korea, ransomware

‹Microsoft has linked a North Korean hacking group it tracks as Moonstone Sleet to FakePenny ransomware attacks, which have led to millions of dollars… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-links-moonstone-sleet-north-korean-hackers-to-new-fakepenny-ransomware/
Microsoft Warns of North Korea’s ‘Moonstone Sleet’

May 29, 2024 10:13 PM

Tags: group, hacking, korea, microsoft, north-korea, threat

Pyongyang Threat Actor Is After Money and Information. A North Korean hacking group wants to make money for the cash-starved Pyongyang regime and cond… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/microsoft-warns-north-koreas-moonstone-sleet-a-25344
DoJ Shakes Up North Korea’s Widespread IT Freelance Scam Operation

May 29, 2024 4:13 PM

Tags: group, korea, north-korea, scam

Fraudsters based in the US and Europe indicted for helping North Korea’s nation-state groups establish fake freelancer identities and evade sanctions…. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/doj-targets-north-koreas-widespread-it-freelance-scam-operation
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

May 28, 2024 1:21 PM

Tags: apt, attack, backdoor, cyber, group, korea, linux, north-korea, threat

The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been ob… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign

May 28, 2024 8:21 AM

Tags: attack, exploit, group, hacker, hacking, korea, malware, north-korea, social-engineering

The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targe… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/north-korean-hackers-exploit-facebook.html
North Korean Hackers Hijacked Military Officials Personal Email

May 22, 2024 1:08 PM

Tags: defense, email, group, hacker, hacking, military, north-korea

North Korean hacking groups are suspected of hijacking the personal email accounts of high-ranking military officials. The Defense Ministry confirmed … First seen on gbhackers.com Jump to article: gbhackers.com/north-korean-hackers-hijacked/
Feds Bust N. Korean Identity Theft Ring Targeting US Firms

May 22, 2024 11:08 AM

Tags: breach, cybercrime, identity, korea, north-korea, theft

North Korea targeted US companies with stolen identities in a cybercrime scheme. The Justice Department cracks down, seizes websites, and disrupts rev… First seen on hackread.com Jump to article: www.hackread.com/feds-bust-n-korean-identity-theft-ring-us-firms/
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

May 22, 2024 10:08 AM

Tags: apt, attack, backdoor, korea, linux, north-korea

Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec… First seen on securityaffairs.com Jump to article: securityaffairs.com/163364/apt/kimsuky-new-linux-backdoor.html
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms

May 22, 2024 7:09 AM

Tags: crypto, hacker, malware, north-korea, threat

The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of h… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/north-korean-hackers-deploy-new-golang.html
North Korea-linked IT workers infiltrated hundreds of US firms

May 21, 2024 10:09 PM

Tags: korea, north-korea

The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Ju… First seen on securityaffairs.com Jump to article: securityaffairs.com/163349/intelligence/north-korea-linked-it-workers-infiltrated-us-firms.html
US exposes scheme enabling North Korean IT workers to bypass sanctions

May 21, 2024 1:08 PM

Tags: north-korea

The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have alleg… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/17/north-korean-it-workers/
US woman allegedly aided North Korean IT workers infiltrate 300 firms

May 20, 2024 4:46 PM

Tags: north-korea, ukraine

‹The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-arizona-ukraine-charged-for-cyber-schemes-infiltrating-over-300-companies-to-benefit-north-koreas-weapons-program/
U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

May 20, 2024 2:47 PM

Tags: government, north-korea

The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and severance of North Korean IT workers working … First seen on gbhackers.com Jump to article: gbhackers.com/u-s-govt-announces-rewards/
North Korea-linked Kimsuky APT attack targets victims via Messenger

May 20, 2024 12:46 PM

Tags: apt, attack, korea, north-korea

North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genius Securi… First seen on securityaffairs.com Jump to article: securityaffairs.com/163265/apt/north-korea-kimsuky-apt-uses-messenger.html
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms

May 20, 2024 12:46 PM

Tags: government, north-korea

The US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme that generates revenue for North Korea… First seen on securityweek.com Jump to article: www.securityweek.com/woman-accused-of-helping-north-korean-it-workers-infiltrate-hundreds-of-us-firms/
Arrests made in North Korean remote job scam targeting US firms

May 19, 2024 9:43 PM

Tags: jobs, north-korea, scam

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/arrests-made-in-north-korean-remote-job-scam-targeting-us-firms
North Korea IT Worker Scam Brings Malware and Funds Nukes

May 19, 2024 11:43 AM

Tags: hacker, jobs, korea, malware, north-korea, scam

WTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans. The post K IT WFH: Justice Department say… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/dprk-remote-it-jobs-richixbw/
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea

May 18, 2024 6:43 PM

Tags: attack, backdoor, group, hacker, korea, linux, malware, north-korea

The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanize… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kimsuky-hackers-deploy-new-linux-backdoor-in-attacks-on-south-korea/
UN report exposes North Korean cyberattacks, crypto laundering spree

May 17, 2024 9:44 PM

Tags: crypto, cyberattack, north-korea

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/un-report-exposes-north-korean-cyberattacks-crypto-laundering-spree