North Korea

Pierluigi Paganini June 04, 2018
North Korea-Linked Covellite APT group stopped targeting organizations in the U.S.

A North Korea-linked APT group, tracked by experts at industrial cybersecurity firm Dragos as Covellite, has stopped targeting US organizations. Anyway, the group, that is believed to be linked to the notorious Lazarus APT group, is continuing to target organizations in Europe and East Asia. The group has been around at least since 2017 and is still active, […]

Pierluigi Paganini June 01, 2018
North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks

A North Korea-linked APT group, tracked as  Andariel Group, leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities. According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group, it  already exploited ActiveX vulnerabilities in past attacks The attackers exploited at […]

Pierluigi Paganini May 22, 2018
North Korea-linked Sun Team APT group targets deflectors with Android Malware

A North Korea-linked APT group tracked as Sun Team has targeted North Korean deflectors with a malicious app that was published in the official Google Play store. A North Korea-linked APT group tracked as Sun Team has targeted North Korean deflectors with a malicious app that was published in the official Google Play store. The campaign, named RedDawn by security experts at […]

Pierluigi Paganini May 02, 2018
Mysterious findings emerged from the analysis of the SiliVaccine North Korea’s antivirus software

Security experts at Check Point that analyzed North Korea’s antivirus software SiliVaccine discovered it is based on a 10-year-old anti-malware engine developed by Trend Micro. Check Point received the very rare sample of North Korea’s SiliVaccine antivirus software from the freelance journalist Martyn Williams. The researchers discovered the SiliVaccine application contained “large chunks of 10+-year-old antivirus engine code […]

Pierluigi Paganini April 05, 2018
North Korea-Linked Lazarus APT suspected for online Casino assault

The North Korea-linked APT group known as Lazarus made the headlines again for attacking an online casino in Central America and other targets. The activity of the Lazarus Group (aka Hidden Cobra) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]

Pierluigi Paganini March 10, 2018
North Korean Hidden Cobra APT targets Turkish financial industry with new Bankshot malware

McAfee Advanced Threat Research team discovered that the Hidden Cobra APT group is targeting financial organizations in Turkey. North Korea-linked APT group Hidden Cobra (aka Lazarus Group) is targeting the Turkish financial system. Experts from McAfee observed the hackers using the Bankshot implant in targeted attacks against the financial organizations in Turkey. The attack resembles previous attacks conducted […]

Pierluigi Paganini February 26, 2018
Pyeongchang – Russia’s GRU military intelligence agency hacked Olympics Computers

Pyeongchang – Russia’s GRU military intelligence agency hacked Olympics Computers conducted a false flag operation to make it appear the attack originated in North Korea. On February 9, shortly before the Pyeongchang opening ceremonies on Friday, televisions at the main press centre, wifi at the Olympic Stadium and the official website were taken down. According to The […]

Pierluigi Paganini February 21, 2018
North Korean APT Group tracked as APT37 broadens its horizons

Researchers at FireEye speculate that the APT group tracked as APT37 (aka Reaper, Group123, ScarCruft) operated on behalf of the North Korean government. Here we are to speak about a nation-state actor dubbed APT37 (aka Reaper, Group123, ScarCruft) that is believed to be operating on behalf of the North Korean government. APT37 has been active since at least […]

Pierluigi Paganini February 14, 2018
All You Need to Know About North Korea and its cyber army

What Type Of Technology Does North Korea Have? How Did The Country Begin Using Hackers? How Do Hacking Efforts Comply with the Political Situation? North Korea is not known for technological sophistication.  The country does not have any global technological franchises, such as Apple or Samsung, and its citizens continue to have limited access to […]

Pierluigi Paganini February 07, 2018
Adobe rolled out an emergency patch that fixed CVE-2018-4878 flaw exploited by North Korea

Adobe rolled out an emergency patch that fixed two critical remote execution vulnerabilities, including the CVE-2018-4878 flaw exploited by North Korea. Adobe has rolled out an emergency patch to address two Flash player vulnerabilities after North Korea’s APT group was spotted exploiting one of them in targeted attacks. Last week, South Korea’s Internet & Security […]