January 25, 2024 at 11:48AM In 2023, $1.7 billion in cryptocurrency was stolen, down from $3.7 billion in 2022. Decentralized financial systems (DeFi) were targeted, with $1.1 billion stolen, a 64% decrease. North Korean hackers stole slightly over $1 billion, with the number of attacks increasing. Cybersecurity measures are improving, with better collaboration between crypto … Read more
January 12, 2024 at 09:46AM A weekly cybersecurity roundup by SecurityWeek provides a concise compilation of noteworthy stories often overlooked. This week’s round-up includes the WEF’s cybersecurity report, a kyber vulnerability, a self-spreading botnet, Iranian APT attacking Albania, North Korean crypto theft, a new cybersecurity institute, disclosures of vulnerabilities, reports from Cloudflare, and patches for … Read more
January 5, 2024 at 08:42AM Security researchers have uncovered SpectralBlur, a new macOS backdoor linked to the North Korean malware family KandyKorn. The malware, with capabilities such as file manipulation and communication with the command-and-control server, shares similarities with KandyKorn. It is believed to be another addition to the arsenal of Lazarus, a prominent North … Read more
December 11, 2023 at 11:22AM North Korean hackers, under the Andariel group within the Lazarus collective, continue to exploit Log4Shell by launching attacks using new remote access Trojans written in the “D” programming language. These attacks illustrate their uniqueness as they exploit rare programming languages to evade detection, adding complexity to malware detection efforts. Their … Read more
December 11, 2023 at 10:12AM Lazarus, a North Korea-linked hacking group, has been using the Dlang malware in attacks on organizations in manufacturing, agriculture, and physical security sectors. Cisco’s Talos security researchers identify Lazarus as the perpetrator of these attacks, using the NineRAT, DLRAT, and BottomLoader malware families against unpatched systems. The attacks are related … Read more
December 4, 2023 at 10:07AM North Korean state-sponsored hackers reportedly stole over $3 billion in cryptocurrency, according to Recorded Future. SecurityWeek reported on the theft. Clear Takeaway from Meeting Notes: North Korean state-sponsored hackers have been reported to have acquired over $3 billion through cryptocurrency theft, as per findings published by Recorded Future. This significant … Read more
December 3, 2023 at 04:11PM North Korean hackers have stolen around $3 billion in cryptocurrency since 2017, targeting exchanges, individuals, and firms. The theft, often led by groups like Kimsuky and Lazarus, funds North Korea’s military and weapons programs. The U.S. Treasury has imposed sanctions on these hacking groups and related entities. Meeting Takeaways: 1. … Read more
November 10, 2023 at 03:42PM Microsoft has issued a warning about BlueNoroff, a North Korean hacking group, setting up new attack infrastructure on LinkedIn for upcoming social engineering campaigns. The financially motivated group, also known as Sapphire Sleet, has a history of targeting cryptocurrency companies and employees. They gain access to systems by deploying malware … Read more
November 7, 2023 at 03:36PM The BlueNorOff threat group, backed by North Korea, has targeted Apple customers with new macOS malware called ObjCShellz. This malware allows the group to open remote shells on compromised devices. BlueNorOff is known for financially motivated attacks on cryptocurrency exchanges and financial organizations worldwide. The malware communicates with a domain … Read more
November 7, 2023 at 10:03AM Security firm Jamf has discovered a new macOS malware called ObjCShellz that is believed to be used by North Korean hackers to target cryptocurrency exchanges. The malware, tracked as part of the RustBucket Campaign, allows attackers to deliver macOS instructions and collect responses while remaining undetected. Although the purpose of … Read more