Security News

US and South Korean agencies have issued a joint cybersecurity advisory describing the tactics, techniques and procedures used by North Korean hackers to deploy "State-sponsored" ransomware on hospitals and other organizations that can be considered part of the countries' critical infrastructure. "The authoring agencies assess that an unspecified amount of revenue from these cryptocurrency operations supports DPRK national-level priorities and objectives, including cyber operations targeting the United States and South Korea governments-specific targets include Department of Defense Information Networks and Defense Industrial Base member networks," the advisory points out.

South Korea's Ministry of Justice will create a "Virtual Currency Tracking System" to crack down on money laundering facilitated by cryptocurrencies, and rated the establishment of the facility among its priorities for the year. In third place were a raft of measures aimed at addressing various unlawful actions such as tackling organized crime, repatriating accused criminals who abscond before facing local courts, improvements to criminal justice systems - and the aforementioned crypto-tracker.

Two cryptocurrency exchanges have frozen accounts identified as having been used by North Korea's notorious Lazarus Group. Lazarus Group is identified suspected of being a cybercrime crew run by the government of North Korea and is infamous for the WannaCry ransomware, attacking Sony Pictures and stealing secrets from energy companies.

North Korean IT pros are using freelancing platforms to earn money that the nation's authoritarian government uses to fund the development of missiles and nuclear weapons, according to South Korea's government. "DPRK IT workers are located all around the world, obfuscating their nationality and identities. They earn hundreds of millions of dollars a year by engaging in a wide range of IT development work, including freelance work platforms and cryptocurrency development."

North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer. South Korea declared a week of national mourning after the incident.

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers," ESET researcher Filip Jurčacko said in a new report published today.

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers," ESET researcher Filip Jurčacko said in a new report published today.

South Korea issued a publicly available notice on Wednesday to wanted man and Terraform Labs founder Do Kwon, demanding he return his passport. The Ministry of Foreign Affairs disclosure [PDF] said that officials were unable to serve the notice to Kwon so had confirmed on its website that it was invalidating his passport and requesting its return within 14 days.

The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto.com.

South Korea's Personal Information Protection Commission has issued two large fines for privacy violations: a $50 million penalty for Google and $22 million for Meta. The PIPC's beef is that neither Google nor Meta properly obtain consent or inform users on how they collect and use data, particularly with regards to behavioral information used to predict interests for marketing and advertising purposes.