Security News

North Korean Hackers Targets Job Seekers with Fake FreeConference App
2024-09-04 15:52

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven...

North Korean hackers’ social engineering tricks
2024-09-04 12:18

“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a...

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
2024-08-31 15:35

A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The...

North Korean hackers exploit Chrome zero-day to deploy rootkit
2024-08-30 17:04

North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. [...]

North Korean Hackers Target Developers with Malicious npm Packages
2024-08-30 06:25

Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with...

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign
2024-08-21 15:37

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the...

New macOS Malware TodoSwift Linked to North Korean Hacking Groups
2024-08-21 11:00

Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea - specifically the threat actor known as BlueNoroff - such as KANDYKORN and RustBucket," Kandji security researcher Christopher Lopez said in an analysis.

0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)
2024-08-20 12:59

CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ computers, Gen Digital...

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
2024-08-09 07:12

The U.S. Department of Justice on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a "Laptop farm" to help get North Koreans remote jobs with American and British companies. Court documents allege that Knoot participated in a worker fraud scheme by letting North Korean actors get employment at information technology companies in the U.K. and the U.S. It's believed that the revenue generation efforts are a way to fund North Korea's illicit weapons program.

US dismantles laptop farm used by undercover North Korean IT workers
2024-08-08 22:18

​​The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used...