Security News > 2024 > July > North Korean chap charged for attacks on US hospitals, military, NASA – and even China

The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target.

An indictment [PDF] named Rim Jong Hyok as a participant in "a conspiracy to hack and extort US hospitals and other health care providers, launder the ransom proceeds, and then use these proceeds to fund additional computer intrusions into defense, technology, and government entities worldwide."

The indictment mentions a pair of South Korean defense companies as targets, as well as a South Korean manufacturer.

Even a Chinese energy company became a target - an oddity, given North Korea depends on the People's Republic for patronage and resources.

"Onyx Sleet's ability to develop a spectrum of tools to launch its tried-and-true attack chain makes it a persistent threat, particularly to targets of interest to North Korean intelligence, like organizations in the defense, engineering, and energy sectors," in Microsoft's estimation.

"APT45 and activity clusters suspected of being linked to the group are strongly associated with a distinct genealogy of malware families separate from peer North Korean operators like TEMP.Hermit and APT43," Mandiant asserted, before noting that the group is North Kore''s most frequently-observed targeter of critical infrastructure.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/26/andariel_indictment_north_korea/