DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years

December 13, 2024 at 11:45AM The U.S. Department of Justice has indicted 14 North Korean nationals for allegedly violating sanctions through a scheme involving wire fraud, money laundering, and identity theft. They illegally sought remote IT jobs while generating at least $88 million for the North Korean regime, utilizing various deceptive tactics to conceal their … Read more

North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS

November 7, 2024 at 07:42AM A North Korean threat actor, BlueNoroff, has targeted cryptocurrency businesses using multi-stage malware that infects macOS devices via phishing emails and disguised applications. The campaign, named Hidden Risk, employs social engineering tactics, exploiting Apple developer accounts for notarization and illustrates the evolving strategies of North Korean cyber operations. **Meeting Takeaways: … Read more

Officials warn of Russia’s tech-for-troops deal with North Korea amid Ukraine conflict

November 6, 2024 at 09:40PM The EU, US, and South Korea are concerned about Russia transferring military technology to North Korea in exchange for troop assistance against Ukraine. Secretary Blinken indicated that North Korean soldiers are being trained in Russia, with potential destabilizing implications for international security due to possible technology exchanges. ### Meeting Takeaways: … Read more

North Korean hackers exploit VPN update flaw to install malware

August 5, 2024 at 01:24PM The South Korean National Cyber Security Center (NCSC) warns that state-backed DPRK hackers exploited VPN software flaws to deploy malware and breach networks. The activity is connected to a nationwide industrial modernization project announced by Kim Jong-un. The threat groups implicated are Kimsuky and Andariel, targeting the same sector simultaneously. … Read more

North Korea APT Triumvirate Spied on South Korean Defense Industry For Years

April 24, 2024 at 12:35PM North Korea’s APTs have been spying on South Korean defense contractors for at least a year and a half. Andariel, Kimsuky, and the broader Lazarus Group were involved in espionage campaigns, with details released by South Korean police. The announcement came after North Korea conducted its first-ever nuclear counterattack drill. … Read more

UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws

November 27, 2023 at 07:48AM The UK National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) have issued a warning about state-sponsored hackers from North Korea targeting government, financial, and defense organizations through software supply chain attacks. The attackers exploited vulnerabilities to precisely target specific organizations. They used a watering hole attack and … Read more

Hackers exploit MagicLine4NX zero-day in supply-chain attack

November 24, 2023 at 01:20PM The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) have warned that the North Korean Lazarus hacking group has been breaching companies using a zero-day vulnerability in the MagicLine4NX software. The group primarily targets South Korean institutions and is known for utilizing supply-chain attacks and zero-day vulnerabilities … Read more

North Korean Hackers Tageting Crypto Experts with KANDYKORN macOS Malware

November 1, 2023 at 05:36AM State-sponsored threat actors from North Korea’s Lazarus Group have been targeting blockchain engineers of a crypto exchange platform through Discord using a new macOS malware called KANDYKORN. The attacks involve social engineering lures and a multi-stage process to deliver the malware. The Lazarus Group has previously used macOS malware in … Read more