Security News > 2023 > September > Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year.
"Multiple North Korean threat actors have recently targeted the Russian government and defense industry - likely for intelligence collection - while simultaneously providing material support for Russia in its war on Ukraine," said Clint Watts, the head of Microsoft's Digital Threat Analysis Center.
"From November 2022 to January 2023, Microsoft observed a second instance of targeting overlaps, with Ruby Sleet and Diamond Sleet compromising defense firms," Microsoft said.
Microsoft's report follows one published by SentinelLabs last month linking the APT37 North Korean state-backed hacking group to the breach of Russian missile maker NPO Mashinostroyeniya.
The OpenCarrot backdoor deployed by APT37 on the systems of the Russian defense entity was previously linked to another North Korean threat group, the Lazarus Group.
North Korean hackers 'ScarCruft' breached Russian missile maker.
News URL
Related news
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- How Russian hackers went after NGOs’ WhatsApp accounts (source)
- EU sanctions Russian GRU hackers for cyberattacks against Estonia (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)