December 13, 2024 at 11:45AM The U.S. Department of Justice has indicted 14 North Korean nationals for allegedly violating sanctions through a scheme involving wire fraud, money laundering, and identity theft. They illegally sought remote IT jobs while generating at least $88 million for the North Korean regime, utilizing various deceptive tactics to conceal their … Read more
December 12, 2024 at 03:26PM The U.S. State Department is offering up to $5 million for information on North Korean front companies involved in illegal remote IT work, generating millions to support nuclear programs. Fourteen “IT warriors” were indicted for identity theft and fraud, highlighting ongoing risks of North Korean infiltration in U.S. businesses. **Meeting … Read more
December 12, 2024 at 02:42PM The U.S. Justice Department indicted 14 North Korean nationals for a scheme posing as remote IT workers to commit sanctions violations, fraud, and identity theft, allegedly earning $88 million over six years. They used stolen identities and advanced tactics to access U.S. companies, highlighting the threat of North Korean cyberattacks. … Read more
December 10, 2024 at 05:00AM Radiant Capital was targeted by a North Korean threat actor in a $50 million heist on October 16. Malware infected developers’ devices, enabling fraudulent transactions during normal operations. The attack, linked to group UNC4736, started in September through a deceptive Telegram message and exploited various blockchain platforms before erasing evidence. … Read more
December 9, 2024 at 03:29PM Radiant Capital attributed a $50 million cryptocurrency heist to North Korean hackers known as Citrine Sleet, following a cyberattack on October 16. The attack involved sophisticated malware evading security measures. Radiant is working with U.S. law enforcement to recover stolen funds and emphasizes the need for improved transaction security. **Meeting … Read more
November 25, 2024 at 08:01AM Microsoft reports that North Korean fake IT workers have infiltrated global markets, particularly in the US, UK, and Australia, generating revenue for the regime while potentially stealing data. Numerous fake profiles exist online, and various North Korean threat actors engage in phishing and cryptocurrency theft, targeting sensitive sectors like aerospace … Read more
November 21, 2024 at 07:15AM Threat actors linked to North Korea are impersonating U.S. tech companies to evade sanctions and fund weapons programs. Using forged identities, they secure jobs and funnel earnings back to the DPRK. The U.S. seized numerous fraudulent websites as part of efforts to counter these illicit operations. ### Meeting Takeaways: Malware … Read more
November 12, 2024 at 10:46AM North Korean threat actors are targeting macOS systems with trojanized cryptocurrency-themed apps built using Flutter, which bypassed Apple’s security checks. Discovered by Jamf Threat Labs, these signed and notarized apps connected to DPRK servers and executed scripts. Apple revoked their signatures, but the full extent of the operation is unclear. … Read more
November 7, 2024 at 01:16PM North Korean cryptocurrency hackers have been targeting macOS users by using deceptive PDF applications, backdoors, and innovative persistence techniques to infiltrate systems. ### Meeting Takeaways: 1. **Threat Overview**: North Korean cryptocurrency thieves are actively targeting macOS users. 2. **Method of Attack**: Attackers are utilizing fake PDF applications to execute their … Read more
November 6, 2024 at 09:40PM The EU, US, and South Korea are concerned about Russia transferring military technology to North Korea in exchange for troop assistance against Ukraine. Secretary Blinken indicated that North Korean soldiers are being trained in Russia, with potential destabilizing implications for international security due to possible technology exchanges. ### Meeting Takeaways: … Read more