Security News > 2023 > September > Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year.
"Multiple North Korean threat actors have recently targeted the Russian government and defense industry - likely for intelligence collection - while simultaneously providing material support for Russia in its war on Ukraine," said Clint Watts, the head of Microsoft's Digital Threat Analysis Center.
"From November 2022 to January 2023, Microsoft observed a second instance of targeting overlaps, with Ruby Sleet and Diamond Sleet compromising defense firms," Microsoft said.
Microsoft's report follows one published by SentinelLabs last month linking the APT37 North Korean state-backed hacking group to the breach of Russian missile maker NPO Mashinostroyeniya.
The OpenCarrot backdoor deployed by APT37 on the systems of the Russian defense entity was previously linked to another North Korean threat group, the Lazarus Group.
North Korean hackers 'ScarCruft' breached Russian missile maker.
News URL
Related news
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- OpenAI bans ChatGPT accounts used by North Korean hackers (source)
- North Korean Hackers Steal $1.5B in Cryptocurrency (source)