Tag: north-korea
-
North Korean Hackers Deploy BeaverTail-OtterCookie Combo for Keylogging Attacks
Researchers at Cisco Talos have uncovered a sophisticated campaign by the Famous Chollima subgroup of Lazarus, wherein attackers deploy blended JavaScript tools, BeaverTail and OtterCookie, to carry out stealthy keylogging, screenshot capture, and data exfiltration. This cluster of activity, part of the broader “Contagious Interview” operation, has evolved significantly since first noted, blurring lines between…
-
BeaverTail and OtterCookie evolve with a new Javascript module
Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK). First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/beavertail-and-ottercookie/
-
338 Malicious npm Packages Linked to North Korean Hackers
North Korean hackers used fake job offers and malicious npm packages to infect developers and steal cryptocurrency. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/338-malicious-npm-packages-linked-to-north-korean-hackers/
-
North Korean IT Workers Use VPNs and Laptop Farms to Evade Identity Verification
In a sprawling network of covert remote labor, more than 10,000 North Korean IT professionals have infiltrated global technology and freelance marketplaces by exploiting VPNs, virtual private servers (VPS), and so-called “laptop farms” to conceal their true origins. State-backed cyber units employ these operatives to generate revenue for sanctioned weapons programs and gather intelligence across…
-
North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto
-
North Korean Scammers Are Doing Architectural Design Now
New research shows that North Koreans appear to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, résumés, and Social Security numbers. First seen on wired.com Jump to article: www.wired.com/story/north-korean-scammers-are-doing-architectural-design-now/
-
Cryptohack Roundup: $21M SBI Crypto Heist
Also: Shibarium Plans to Reimburse Victims, $1.8M Abracadabra Hack. This week, hackers stole $21 million from SBI crypto, Shibarium planned reimbursement for $4 million bridge exploit victims, Abracadabra lost $1.8 million in a hack and North Korean threat actors have set a new record stealing $2 billion this year so far. First seen on govinfosecurity.com…
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
North Korean hackers stole over $2 billion in cryptocurrency this year
North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet. Though … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/08/north-korean-hackers-cryptocurrency-theft/
-
Bybit Theft Drives Record-Breaking $2bn Haul for North Korea
North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bybit-recordbreaking-2bn-north/
-
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian-language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator…
-
North Korean hackers stole over $2 billion in crypto this year
North Korean hackers have stolen an estimated $2 billion worth of cryptocurrency assets in 2025, marking the largest annual total on record. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/cryptocurrency/north-korean-hackers-stole-over-2-billion-in-crypto-this-year/
-
North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say
Blockchain monitoring firm Elliptic said this year’s total is already an all-time record for the North Korean regime. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/07/north-korean-hackers-stole-over-2-billion-in-crypto-so-far-in-2025-researchers-say/
-
North Korea IT worker scheme swells beyond US companies
Okta Threat Intelligence uncovered a large-scale and sustained operation, reflecting the North Korean regime’s pursuit of any opportunity that allows for remote employment. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-it-worker-global-scheme-okta/
-
North Korea Fake Job Recruiters Up Their Backdoor Game
Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat Actor. A gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-fake-job-recruiters-up-their-backdoor-game-a-29586
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
North Korea’s Lazarus Group shares its malware with IT work scammers
Keeping Pyongyang’s coffers full First seen on theregister.com Jump to article: www.theregister.com/2025/09/25/lazarus_group_shares_malware_with_it_scammers/
-
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/north-korea-fake-profiles-crypto-theft/
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…

