North Korean hackers stole research data in two-month-long breach
2023-02-02 17:56

A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group. In it, the threat actors stealthily stole 100GB of data from the victim without causing any destruction.

The campaign is named after the '' error seen transmitted by a remote access malware when uploading stolen data to the threat actor's servers.

After successfully breaching the network, the hackers deployed the tunneling tools 'Plink' and '3Proxy' to create reverse tunnels back to their own infrastructure, allowing them to bypass the firewall.

Over the next two months, the threat actors spread laterally through the network, acquiring administrator credentials and stealing data from devices.

The attack culminated on November 5th, 2022, with the actors lurking in the network for over two months and ultimately stealing 100GB of data from the compromised organization.

WithSecure's report is another indication of Lazarus' activity, with the threat group continuing its efforts to gather intelligence and exfiltrate large amounts of data from high-profile victims.


News URL

https://www.bleepingcomputer.com/news/security/north-korean-hackers-stole-research-data-in-two-month-long-breach/