Security News

Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor
2022-05-20 03:23

The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped implant against targets located in its southern counterpart. NukeSped is a backdoor that can perform various malicious activities based on commands received from a remote attacker-controlled domain.

U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions
2022-05-08 19:51

The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades. Cryptocurrency mixers, also called tumblers, are privacy-focused services that allow users to move cryptocurrency assets between accounts without leaving a transaction trail by obfuscating their origins.

VHD Ransomware Linked to North Korea’s Lazarus Group
2022-05-05 12:20

Cryptocurrency thief Lazarus Group appears to be widening its scope into using ransomware as a way to rip off financial institutions and other targets in the Asia-Pacific region, researchers have found. Financial transactions and similarities to previous malware in its source code link a recently emerged ransomware strain called VHD to the North Korean threat actors, also known as Unit 180 or APT35.

North Korea targeting blockchain, cryptocurrency companies
2022-04-21 13:47

North Korea targeting blockchain, cryptocurrency companies. The advisory describes the recent activities of the Lazarus Group, who specialize in advanced persistent threats and target organizations in the blockchain and cryptocurrency industries.

North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies
2022-04-15 02:30

North Korea's Lazarus cybercrime gang is now breaking into chemical sector companies' networks to spy on them, according to Symantec's threat intel team. Fresh evidence has been found linking a recent espionage campaign against South Korean targets to file hashes, file names, and tools previously used by Lazarus, according to Symantec.

Ethereum Developer Jailed 63 Months for Helping North Korea Evade Sanctions
2022-04-14 06:17

A U.S. court has sentenced former Ethereum developer Virgil Griffith to five years and three months in prison and pay a $100,000 fine for conspiring with North Korea to help use cryptocurrencies to circumvent sanctions imposed on the country. "There is no question North Korea poses a national security threat to our nation, and the regime has shown time and again it will stop at nothing to ignore our laws for its own benefit," U.S. Attorney Damian Williams said in a statement.

US cryptocurrency coder gets 5 years for North Korea sanctions busting
2022-04-13 18:52

You may recall the late cryptocurrency trading hamster, Mr Goxx, who went viral during his brief and colourful life as a rodentine coinhodler. Sadly, given how this particular story ends, US cryptocurrency developer Virgil Griffith has provided another episode in the never-a-dull-moment world of cryptocurrencies.

Ethereum dev imprisoned for helping North Korea evade sanctions
2022-04-12 21:42

Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People's Republic of Korea with technical info on how to evade sanctions. Griffith, who worked as a special projects developer and research scientist for the Ethereum Foundation, was arrested in November 2019 by the FBI following a presentation in North Korea on how the country could use cryptocurrency and blockchain tech to launder money and evade sanctions.

Chrome Zero-Day from North Korea
2022-03-31 11:13

North Korean hackers have been exploiting a zero-day in Chrome. The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups.

We blocked North Korea's Chrome exploit, says Google
2022-03-25 01:39

Google on Thursday described how it apparently caught and thwarted North Korea's efforts to exploit a remote code execution vulnerability in Chrome. Exploiting the bug clears the way to compromise a victim's browser and potentially take over their computer to spy on them.