Security News > 2023 > September > Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year.
"Multiple North Korean threat actors have recently targeted the Russian government and defense industry - likely for intelligence collection - while simultaneously providing material support for Russia in its war on Ukraine," said Clint Watts, the head of Microsoft's Digital Threat Analysis Center.
"From November 2022 to January 2023, Microsoft observed a second instance of targeting overlaps, with Ruby Sleet and Diamond Sleet compromising defense firms," Microsoft said.
Microsoft's report follows one published by SentinelLabs last month linking the APT37 North Korean state-backed hacking group to the breach of Russian missile maker NPO Mashinostroyeniya.
The OpenCarrot backdoor deployed by APT37 on the systems of the Russian defense entity was previously linked to another North Korean threat group, the Lazarus Group.
North Korean hackers 'ScarCruft' breached Russian missile maker.
News URL
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)
- Hackers abuse Avast anti-rootkit driver to disable defenses (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)