#JPCERTCC

Japan warns of attacks linked to North Korean Kimsuky hackers

by

July 10, 2024 at 01:14PM Japanese organizations are being targeted by the North Korean ‘Kimsuky’ threat actors, who use social engineering and phishing to gain network access. They deploy custom malware to steal data and retain persistence. The latest attacks involved distributing a CHM malware strain and utilizing sophisticated obfuscation to evade detection. Vigilance against … Read more

Japan warns of malicious PyPi packages created by North Korean hackers

by

February 28, 2024 at 10:08AM JPCERT/CC warns of North Korean hacker group Lazarus uploading four malicious PyPI packages to infect developers with malware. These packages allow access to developer networks, enabling financial fraud and supply chain attacks. The malware, named “Comebacker,” connects to the attacker’s server and executes further Windows malware. Previous attacks by Lazarus … Read more