The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. According to a report published by blockchain cyber security firm Elliptic, in the past 104 days, the North Korea-linked APT group Lazarus has stolen most of $240 million in crypto assets from multiple businesses, including […]
North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers. The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). “Recently, […]
ReversingLabs researchers linked the VMConnect campaign to the North Korea-linked APT group Labyrinth Chollima. ReversingLabs researchers believe that the North Korea-linked APT group Labyrinth Chollima is behind the VMConnect campaign. Threat actors uploaded a series of malicious packages to the PyPI (Python Package Index) repository, including a rogue package posing as the VMware vSphere connector […]
The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The North Korea-linked APT group Lazarus has been exploiting a critical vulnerability, tracked as CVE-2022-47966, in Zoho’s ManageEngine ServiceDesk in attacks aimed at the Internet backbone infrastructure provider and healthcare organizations. The state-sponsored hackers targeted entities […]
The U.S. FBI warned that North Korea-linked threat actors may attempt to cash out stolen cryptocurrency worth more than $40 million. The Federal Bureau of Investigation shared details about the activity of six cryptocurrency wallets operated by North Korea-linked threat actors. The wallets hold roughly 1,580 Bitcoin (roughly $41 million at the current rate) that […]
North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea military exercise. The news was reported by the South Korean police on Sunday, the law enforcement also added that […]
SentinelOne researchers attribute the recent supply chain attacks on JumpCloud to North Korea-linked threat actors. JumpCloud is a cloud-based directory service platform designed to manage user identities, devices, and applications in a seamless and secure manner. It allows IT administrators to centralize and simplify their identity and access management tasks across various systems and applications. […]
Researchers spotted a new version of the RustBucket Apple macOS malware that supports enhanced capabilities. Researchers from the Elastic Security Labs have spotted a new variant of the RustBucket Apple macOS malware. In April, the security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket. The group BlueNoroff is considered a group that […]
North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The Andariel APT (aka Stonefly) has been active since at least 2015, it was involved in several attacks attributed to the North Korean government. The […]
North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. The attacks are part of a broader campaign recently detailed in a joint advisory published by […]