Security News

Crypto exchanges freeze accounts tied to North Korea’s notorious Lazarus Group
2023-01-17 06:29

Two cryptocurrency exchanges have frozen accounts identified as having been used by North Korea's notorious Lazarus Group. Lazarus Group is identified suspected of being a cybercrime crew run by the government of North Korea and is infamous for the WannaCry ransomware, attacking Sony Pictures and stealing secrets from energy companies.

North Korea using freelance techies to fund missiles and nukes
2022-12-09 03:35

North Korean IT pros are using freelancing platforms to earn money that the nation's authoritarian government uses to fund the development of missiles and nuclear weapons, according to South Korea's government. "DPRK IT workers are located all around the world, obfuscating their nationality and identities. They earn hundreds of millions of dollars a year by engaging in a wide range of IT development work, including freelance work platforms and cryptocurrency development."

North Korea hits new low by using Seoul Halloween tragedy to exploit Internet Explorer zero-day
2022-12-08 07:02

North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer. South Korea declared a week of national mourning after the incident.

North Korea Hackers Using New "Dolphin" Backdoor to Spy on South Korean Targets
2022-11-30 18:30

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers," ESET researcher Filip Jurčacko said in a new report published today.

North Korea Hackers Using New "Dolphin" Backdoor to Spy on South Korean Targets
2022-11-30 18:30

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers," ESET researcher Filip Jurčacko said in a new report published today.

North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs
2022-09-27 09:46

The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto.com.

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware
2022-08-18 08:56

The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. Slovak cybersecurity firm ESET linked it to a campaign dubbed "Operation In(ter)ception" that was first disclosed in June 2020 and involved using social engineering tactics to trick employees working in the aerospace and military sectors into opening decoy job offer documents.

Emerging H0lyGh0st Ransomware Tied to North Korea
2022-07-15 16:26

Microsoft researchers have linked an emerging ransomware threat that already has compromised a number of small-to-mid-sized businesses to financially motivated North Korean state-sponsored actors that have been active since last year. A group tracked by researchers from Microsoft Threat Intelligence Center as DEV-0530 but that calls itself H0lyGh0st has been developing and using ransomware in attacks since June 2021.

South Korean and US presidents gang up on North Korea's cyber-offensives
2022-05-23 05:25

US president Biden and South Korea's new president Yoon Suk Yeol have pledged further co-operation in many technologies, including joint efforts to combat North Korea. North Korea stands accused of running many offensive operations online.

U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions
2022-05-08 19:51

The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades. Cryptocurrency mixers, also called tumblers, are privacy-focused services that allow users to move cryptocurrency assets between accounts without leaving a transaction trail by obfuscating their origins.