North Korean hackers stole research data in two-month-long breach (February 2023)
A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group. In it, the threat actors stealthily stole 100GB of data from the victim without causing any destruction.
The campaign is named after the '' error seen transmitted by a remote access malware when uploading stolen data to the threat actor's servers.
After successfully breaching the network, the hackers deployed the tunneling tools 'Plink' and '3Proxy' to create reverse tunnels back to their own infrastructure, allowing them to bypass the firewall.
Over the next two months, the threat actors spread laterally through the network, acquiring administrator credentials and stealing data from devices.
The attack culminated on November 5th, 2022, with the actors lurking in the network for over two months and ultimately stealing 100GB of data from the compromised organization.
WithSecure's report is another indication of Lazarus' activity, with the threat group continuing its efforts to gather intelligence and exfiltrate large amounts of data from high-profile victims.