North Korean hackers stole research data in two-month-long breach (February 2023)
A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group. In it, the threat actors stealthily stole 100GB of data from the victim without causing any destruction.
The campaign is named after the 'No Pineapple!' error transmitted by a remote access malware when uploading stolen data to the threat actor's servers.
After successfully breaching the network, the hackers deployed the tunneling tools 'Plink' and '3Proxy' to create reverse tunnels back to their own infrastructure, allowing them to bypass the firewall.
Over the next two months, the threat actors spread laterally through the network, acquiring administrator credentials and stealing data from devices.
The attack culminated on November 5th, 2022, with the actors lurking in the network for over two months and ultimately stealing 100GB of data from the compromised organization.
WithSecure's report is another indication of Lazarus' activity, with the threat group continuing its efforts to gather intelligence and exfiltrate large amounts of data from high-profile victims.