North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs

September 18, 2024 at 11:14AM UNC2970, a North Korean threat actor, has been using job-themed lures to distribute new malware to individuals in critical infrastructure sectors. Mandiant reported that UNC2970 targeted individuals in the US, UK, Netherlands, Cyprus, Germany, Sweden, Singapore, Hong Kong, and Australia. The group has been using fake job descriptions to target … Read more

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

September 18, 2024 at 07:03AM North Korea-linked cyber-espionage group UNC2970, alias TEMP.Hermit/Lazarus Group, is phishing energy and aerospace targets with job-themed baits, using a backdoor MISTPEN. Mandiant identified its history in strategic intelligence collection for North Korean interests. The group’s Operation Dream Job leverages weaponized PDFs and older software to execute attacks, evolving to avoid … Read more