North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country.
"APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009," researchers Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, and Michael Barnhart said.
"It is possible that APT45 is carrying out financially-motivated cybercrime not only in support of its own operations but to generate funds for other North Korean state priorities," Mandiant said.
Another notable malware in its arsenal is a backdoor dubbed Dtrack, which was first used in a cyber attack aimed at the Kudankulam Nuclear Power Plant in India in 2019, marking one of the few publicly known instances of North Korean actors striking critical infrastructure.
"APT45 is one of North Korea's longest running cyber operators, and the group's activity mirrors the regime's geopolitical priorities even as operations have shifted from classic cyber espionage against government and defense entities to include healthcare and crop science," Mandiant said.
"As the country has become reliant on its cyber operations as an instrument of national power, the operations carried out by APT45 and other North Korean cyber operators may reflect the changing priorities of the country's leadership."
News URL
https://thehackernews.com/2024/07/north-korean-hackers-shift-from-cyber.html