Security News

If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder money. We mention the restaurants because the UN reckons they collectively help the DPRK to launder $700 million a year.

The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors...

North Korea's notorious Kimsuky cyber crime gang has commenced a campaign using fresh tactics, according to infosec tools vendor Rapid7. Rapid7 isn't sure how the gang distributes its latest attack, but is confident the payload includes poisoned Microsoft Compiled HTML Help files along with ISO, VHD, ZIP and RAR files.

North Korean government spies have broken into the servers of at least two chipmakers and stolen product designs as part of attempts to spur Kim Jong Un's plans for a domestic semiconductor industry, according to Seoul's security agency. After exploiting vulnerabilities to gain access - the NIS doesn't specify which the miscreants abused - the North Korean cyberspies used "Living off the land" techniques to remain hidden.

The National Intelligence Service in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks. In the cases observed by the NIS, the North Korean adversaries used "Living off the land" tactics, which entails abusing legitimate software tools for malicious purposes to evade detection by security products.

North Korea's latest money-making venture is the production and sale of gambling websites that come pre-infected with malware, according to South Korea's National Intelligence Service. For an extra $3,000 per month North Korea throws in tech support.

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. "We disrupted five state-affiliated malicious actors: two China-affiliated threat actors known as Charcoal Typhoon and Salmon Typhoon; the Iran-affiliated threat actor known as Crimson Sandstorm; the North Korea-affiliated actor known as Emerald Sleet; and the Russia-affiliated actor known as Forest Blizzard," the OpenAI team wrote.

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH,...

Threat actors affiliated with the Democratic People's Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023. The DPRK "was responsible for...

Interpol on Tuesday revealed the results of what it's dubbed Operation HAECHI IV - a six-month effort that saw 34 nations cooperate, with funding from South Korea. The majority - about three quarters - of the crime investigated by the op was business email compromise, e-commerce fraud, and investment fraud.