May 17, 2024 at 02:36PM Three individuals have been arrested for allegedly facilitating North Korea’s attempts to fund its weapons program using US money. They are accused of using various methods, such as securing jobs and running a laptop farm, to extract funds from the US economy. The scheme involved defrauding major US companies and … Read more
May 17, 2024 at 12:58PM The U.S. Justice Department charged five individuals, including a U.S. Citizen woman and a Ukrainian man, for their involvement in North Korea’s cyber schemes to infiltrate U.S. job markets and generate revenue for the country’s nuclear weapons program. The State Department announced a reward of up to $5 million for … Read more
May 17, 2024 at 06:18AM The U.S. Justice Department charged five individuals, including a U.S. citizen woman, a Ukrainian man, and three foreign nationals, for participation in cyber schemes benefiting North Korea’s nuclear weapons program. The defendants are accused of fraud, money laundering, and identity theft, with alleged involvement in a campaign to infiltrate U.S. … Read more
May 17, 2024 at 05:33AM The Kimsuky APT group, associated with North Korea’s Reconnaissance General Bureau, has been observed deploying the Gomir backdoor on Linux to target South Korean organizations. The malware shares extensive code with GoBear and is distributed through trojanized security programs. The campaign highlights the preference for software installation packages as infiltration … Read more
May 16, 2024 at 10:16AM Kimsuky, a North Korean hacker group, has been using trojanized software packages to deliver Gomir, a Linux malware, linked to the Reconnaissance General Bureau. The malware shares similarities with GoBear and allows various operations on the infected system, indicating a sophisticated espionage attack method against South Korean targets.Symantec provided indicators … Read more
May 16, 2024 at 09:35AM North Korean hacker group Kimsuki, linked to military intelligence, used trojanized software packages to deliver Linux malware Gomir in cyberespionage campaigns against South Korean targets. The malware, a variant of GoBear, exhibits persistent behaviors on Linux machines and supports 17 operations through HTTP POST requests. It’s part of a supply-chain … Read more
May 3, 2024 at 03:24PM The NSA and FBI warned of APT43, a North Korea-linked hacking group exploiting weak DMARC policies to launch spearphishing attacks. The attacks aim to gather intelligence on geopolitical events and gain access to private documents and communications. To mitigate this, organizations are advised to update their DMARC policies to prevent … Read more
May 3, 2024 at 12:15PM The US government warns of North Korea-linked hacking group Kimsuky exploiting weak email DMARC settings to conceal spear phishing attacks. They collect intelligence on geopolitical events and maintain access to information affecting North Korean interests. Kimsuky has been engaging in cyber activities since 2012 and conducts well-researched spear phishing campaigns. … Read more
April 24, 2024 at 12:35PM North Korea’s APTs have been spying on South Korean defense contractors for at least a year and a half. Andariel, Kimsuky, and the broader Lazarus Group were involved in espionage campaigns, with details released by South Korean police. The announcement came after North Korea conducted its first-ever nuclear counterattack drill. … Read more
April 22, 2024 at 03:30AM Microsoft reports that North Korea-linked cyber actors are using AI for more efficient operations. The group, identified as Emerald Sleet, employs AI language models for spear-phishing and reconnaissance efforts. They’ve also engaged in cryptocurrency theft and supply chain attacks, utilizing tactics to generate revenue and collect intelligence on the US, … Read more