Security News

North Korean hackers have been exploiting a zero-day in Chrome. The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups.

Google on Thursday described how it apparently caught and thwarted North Korea's efforts to exploit a remote code execution vulnerability in Chrome. Exploiting the bug clears the way to compromise a victim's browser and potentially take over their computer to spy on them.

Thieves operating for the North Korean government made off with almost $400m in digicash last year in a concerted attack to steal and launder as much currency as they could. Bitcoin used to be a top target but Ether is now the most stolen currency, say the researchers, accounting for 58 per cent of the funds filched.

A US citizen has admitted to helping the Democratic People's Republic of Korea to establish cryptocurrency capabilities and faces up to 20 years jail for his actions. The DoJ alleges Griffith and his co-conspirators "Provided instruction on how the DPRK could use blockchain and cryptocurrency technology to launder money and evade sanctions," and "How blockchain technology such as 'smart contracts' could be used to benefit the DPRK, including in nuclear weapons negotiations with the United States."

A US citizen has admitted to helping the Democratic People's Republic of Korea to establish cryptocurrency capabilities and faces up to 20 years jail for his actions. The Department of Justice on Monday revealed that Virgil Griffith, a US citizen resident in Singapore, hatched plans in 2018 to help an individual in the hermit kingdom mine cryptocurrency.

Griffith, who worked as a special projects dev and researcher for the Ethereum Foundation, was arrested in November 2019 by the FBI. Advice on how to evade sanctions and launder money. His arrest happened after he traveled to North Korea to give a presentation on how to use cryptocurrency and blockchain tech to launder money and evade sanctions.

South Korean officials have admitted that government nuclear think tank Korea Atomic Energy Research Institute was hacked in May 2021 by North Korea's Kimsuky group. Malware analyst group IssueMakersLab said in a report that it detected an attack on KAERI on May 14th. The attack saw incoming heat from 13 internet addresses, of which one was traceable to Kimsuky.

South Korea's state-run Korea Atomic Energy Research Institute on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart. KAERI, established in 1959 and situated in the city of Daejeon, is a government-funded research institute that designs and develops nuclear technologies related to reactors, fuel rods, radiation fusion, and nuclear safety.

Nuclear-armed North Korea is advancing on the front lines of cyberwarfare, analysts say, stealing billions of dollars and presenting a clearer and more present danger than its banned weapons programmes. Pyongyang is under multiple international sanctions over its atomic bomb and ballistic missile programmes, which have seen rapid progress under North Korean leader Kim Jong Un. But while the world's diplomatic focus has been on its nuclear ambitions, the North has been quietly and steadily building up its cyber capabilities, and analysts say its army of thousands of well-trained hackers are proving to be just as dangerous.

State-sponsored hackers affiliated with North Korea have been behind a slew of attacks on cryptocurrency exchanges over the past three years, new evidence has revealed. Attributing the attack with "Medium-high" likelihood to the Lazarus Group, researchers from Israeli cybersecurity firm ClearSky said the campaign, dubbed "CryptoCore," targeted crypto exchanges in Israel, Japan, Europe, and the U.S., resulting in the theft of millions of dollars worth of virtual currencies.