Security News

Five charged for cyber schemes to benefit North Korea's weapons program
2024-05-16 19:17

The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement in cyber schemes that generated revenue for North Korea's nuclear weapons program. They were allegedly involved between October 2020 and October 2023 in a campaign coordinated by the North Korean government "To infiltrate U.S. job markets through fraud in an effort to raise revenue for the North Korean government and its illicit nuclear program."

North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
2024-04-25 16:47

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from...

That Asian meal you eat on holidays could launder money for North Korea
2024-03-25 06:32

If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder money. We mention the restaurants because the UN reckons they collectively help the DPRK to launder $700 million a year.

It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files
2024-03-21 05:30

North Korea's notorious Kimsuky cyber crime gang has commenced a campaign using fresh tactics, according to infosec tools vendor Rapid7. Rapid7 isn't sure how the gang distributes its latest attack, but is confident the payload includes poisoned Microsoft Compiled HTML Help files along with ISO, VHD, ZIP and RAR files.

Seoul accuses North Korea of stealing southern chipmakers' designs
2024-03-04 20:00

North Korean government spies have broken into the servers of at least two chipmakers and stolen product designs as part of attempts to spur Kim Jong Un's plans for a domestic semiconductor industry, according to Seoul's security agency. After exploiting vulnerabilities to gain access - the NIS doesn't specify which the miscreants abused - the North Korean cyberspies used "Living off the land" techniques to remain hidden.

North Korea hacks two South Korean chip firms to steal engineering data
2024-03-04 14:46

The National Intelligence Service in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks. In the cases observed by the NIS, the North Korean adversaries used "Living off the land" tactics, which entails abusing legitimate software tools for malicious purposes to evade detection by security products.

North Korea running malware-laden gambling websites as-a-service
2024-02-15 04:30

North Korea's latest money-making venture is the production and sale of gambling websites that come pre-infected with malware, according to South Korea's National Intelligence Service. For an extra $3,000 per month North Korea throws in tech support.

North Korea's Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023
2024-01-08 04:59

Threat actors affiliated with the Democratic People's Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023. The DPRK "was responsible for...

Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users
2023-12-14 14:12

Updated The offensive cyber unit linked to Russia's Foreign Intelligence Service is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn. The exploit in TeamCity could give attackers enough access to manipulate a software's source code, sign certificates, and compile and deploy processes, the advisory says.

North Korea's state hackers stole $3 billion in crypto since 2017
2023-12-03 17:11

North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. "Since 2017, North Korea has significantly increased its focus on the cryptocurrency industry, stealing an estimated $3 billion worth of cryptocurrency," Recorded Future analysts said.