U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

July 26, 2024 at 05:00AM The U.S. Department of Justice indicted a North Korean operative for ransomware attacks on healthcare facilities to fund illicit activities. The U.S. Department of State offered up to $10 million for information. The operative is linked to a hacking crew deploying the Maui ransomware, targeting U.S. Air Force bases and …

Feds Warn of North Korean Cyberattacks on US Critical Infrastructure

July 25, 2024 at 05:32PM A cyber-espionage group, Andariel, sponsored by North Korea, is targeting organizations across the world, especially in the US. The group is stealing technical and intellectual property for its nuclear and military programs. They fund their activities through ransomware attacks on US healthcare entities. The US government has issued a warning …

North Korean Charged in Ransomware Attacks on American Hospitals

July 25, 2024 at 03:51PM Rim Jong Hyok, linked to a North Korean military intelligence agency, faces indictment for allegedly leading cyber attacks on American health care providers, NASA, and military bases. He used money laundering to finance the attacks, disrupting patient treatment and stealing unclassified data from NASA. A reward of up to $10 …

North Korea likely behind takedown of Indian crypto exchange WazirX

July 19, 2024 at 02:07AM Indian crypto exchange WazirX disclosed the loss of over $230 million in virtual assets in a cyber attack attributed to North Korea. The attack exploited a vulnerability to gain control of a multi-signature wallet. WazirX halted crypto withdrawals and initiated recovery efforts. Blockchain analytics firms suspect the stolen assets are …

WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach

July 19, 2024 at 12:39AM Indian cryptocurrency exchange WazirX reported a security breach resulting in over $230 million worth of cryptocurrency stolen from a multi-signature wallet. The breach involved a mismatch in information and the transfer of wallet control to an attacker. The incident is linked to North Korean threat actors, known for targeting cryptocurrency …

DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls

July 17, 2024 at 03:12PM North Korean state-sponsored hackers have targeted macOS users with a new variant of BeaverTail malware, posing as a fake job interview to trick victims into downloading a malicious version of Microtalk. Cybersecurity researcher Patrick Wardle uncovered the campaign, highlighting the hackers’ use of social engineering tactics and the execution of …

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

June 28, 2024 at 12:51PM The North Korea-linked threat actor Kimsuky has been using a new malicious Google Chrome extension, codenamed TRANSLATEXT, to conduct cyber espionage targeting South Korean academia. This extension gathers sensitive information and is designed to bypass security measures, capture browser screenshots, and exfiltrate stolen data. Kimsuky is known for orchestrating cyber …

Hackers Steal Over $2 Million in Cryptocurrency From CoinStats Wallets

June 25, 2024 at 08:48AM CoinStats, a cryptocurrency portfolio manager, was back online after hackers drained over $2 million from 1,590 hosted wallets. The platform assured that only 1.3% of CoinStats Wallets were affected. CoinStats requires read-only access to connected wallets, mitigating the risk to users’ funds. The CEO revealed the attack was likely orchestrated …

North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics

June 14, 2024 at 03:12AM North Korean threat actors have been increasingly targeting Brazil, mainly focusing on government, aerospace, technology, and financial sectors. These attacks involve using job-themed social engineering campaigns and spreading malware through cryptocurrency professionals and fake npm packages. Google and Microsoft have highlighted tactics used by different North Korean groups, shedding light …

Andariel Hackers Target South Korean Institutes with New Dora RAT Malware

June 3, 2024 at 04:36AM Andariel, a North Korea-linked threat actor, has been using a new Golang-based backdoor called Dora RAT in cyber attacks targeting South Korean educational institutes, manufacturing firms, and construction businesses. The attacks involve the use of multiple malware strains, a vulnerable Apache Tomcat server, and known security vulnerabilities in software. Andariel …