North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

November 23, 2024 at 07:24AM
The North Korean threat actor Sapphire Sleet has reportedly stolen over $10 million in cryptocurrency through social engineering via fake LinkedIn profiles since 2020. Utilizing malware disguised as skills assessments and AI-generated identities, they target users in job recruitment scams, gaining system access and financial credentials for theft. Meeting Takeaways …

North Korea’s Andariel Pivots to ‘Play’ Ransomware Games

October 31, 2024 at 11:37AM
North Korea’s Andariel group has begun using Play ransomware, marking their first collaboration with an underground ransomware network. This shift indicates a potential increase in high-impact attacks. Researchers recommend heightened vigilance against future ransomware incidents, as the group remains a significant threat, particularly in sectors vulnerable to cyber attacks.

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

October 15, 2024 at 11:54AM
North Korean hackers are using a Linux variant of FASTCash malware to steal funds via compromised payment switches, facilitating unauthorized ATM withdrawals. The malware intercepts transaction messages to approve fraudulent transactions of 12,000 to 30,000 Lira. This highlights vulnerabilities in Linux server detection capabilities. Meeting Takeaways: Financial Fraud / Linux …

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

October 9, 2024 at 10:42AM
North Korean threat actors are targeting tech job seekers with malware through a campaign called “Contagious Interview.” The group poses as employers, enticing victims to download malicious applications like BeaverTail and InvisibleFerret, designed to steal sensitive data. This ongoing threat highlights financial motivations behind their cyber activities. Meeting Notes Takeaways …