August 30, 2024 at 02:42AM Threat actors linked to North Korea are targeting developers with malware to steal cryptocurrency assets. The campaign involves publishing malicious packages to the npm registry. The attackers use various tactics, including fake job interviews and obfuscated JavaScript, to deploy malware and exfiltrate sensitive data. CrowdStrike has linked the group to … Read more
August 9, 2024 at 03:33AM The U.S. Department of Justice has charged a man from Nashville for running a “laptop farm” to help North Korean actors obtain remote IT jobs with American and British companies. Matthew Isaac Knoot faces multiple charges and potential imprisonment. The scheme aimed to fund North Korea’s weapons program by defrauding … Read more
August 8, 2024 at 12:21PM Kimsuky, a North Korea-linked threat actor, has been identified in new cyber attacks targeting university staff for intelligence gathering. The attacks involve spear-phishing campaigns and use of a web shell to capture credentials and stage phishing pages. To combat this, users are advised to enable multi-factor authentication and scrutinize URLs … Read more
July 31, 2024 at 09:45AM A malware campaign, DEV#POPPER, is targeting software developers across Windows, Linux, and macOS systems. Linked to North Korea, the threat actors use social engineering to trick victims into divulging information or downloading malicious software. The campaign uses obfuscated JavaScript and Python backdoors, along with enhanced obfuscation and remote monitoring to … Read more
July 26, 2024 at 02:34PM The US Department of Justice has unsealed an indictment of a North Korean military intelligence operative, Rom Jong Hyok, accused of carrying out ransomware attacks against US healthcare facilities, and funneling the ransom payments to other breaches globally. The hacking crew, Andariel, controlled by DPRK’s military intelligence agency, poses an … Read more
July 26, 2024 at 05:00AM The U.S. Department of Justice indicted a North Korean operative for ransomware attacks on healthcare facilities to fund illicit activities. The U.S. Department of State offered up to $10 million for information. The operative is linked to a hacking crew deploying the Maui ransomware, targeting U.S. Air Force bases and … Read more
July 25, 2024 at 05:32PM A cyber-espionage group, Andariel, sponsored by North Korea, is targeting organizations across the world, especially in the US. The group is stealing technical and intellectual property for its nuclear and military programs. They fund their activities through ransomware attacks on US healthcare entities. The US government has issued a warning … Read more
July 25, 2024 at 03:51PM Rim Jong Hyok, linked to a North Korean military intelligence agency, faces indictment for allegedly leading cyber attacks on American health care providers, NASA, and military bases. He used money laundering to finance the attacks, disrupting patient treatment and stealing unclassified data from NASA. A reward of up to $10 … Read more
July 19, 2024 at 02:07AM Indian crypto exchange WazirX disclosed the loss of over $230 million in virtual assets in a cyber attack attributed to North Korea. The attack exploited a vulnerability to gain control of a multi-signature wallet. WazirX halted crypto withdrawals and initiated recovery efforts. Blockchain analytics firms suspect the stolen assets are … Read more
July 19, 2024 at 12:39AM Indian cryptocurrency exchange WazirX reported a security breach resulting in over $230 million worth of cryptocurrency stolen from a multi-signature wallet. The breach involved a mismatch in information and the transfer of wallet control to an attacker. The incident is linked to North Korean threat actors, known for targeting cryptocurrency … Read more