North Korea Archives - Page 6 of 20

Pierluigi Paganini December 22, 2022

North Korea-linked hackers stole $626 million in virtual assets in 2022

North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past five years. South Korea’s spy agency, the National Intelligence Service, estimated that North Korea-linked threat actors have stolen an estimated 1.5 trillion won ($1.2 billion) in cryptocurrency and other virtual assets in the past five […]

Pierluigi Paganini December 05, 2022

Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware

The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. The threat actors were observed spreading fake cryptocurrency apps under the fake brand BloxHolder to deliver the AppleJeus […]

Pierluigi Paganini December 01, 2022

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

North Korea-linked ScarCruft group used a previously undocumented backdoor called Dolphin against targets in South Korea. ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by North Korea-linked ScarCruft group (aka APT37, Reaper, and Group123) in attacks aimed at targets in South Korea. ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers […]

Pierluigi Paganini November 16, 2022

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe and Latin America. North Korea-linked APT Lazarus is using a new version of the DTrack backdoor to attack organizations in Europe and Latin America, Kaspersky researchers warn. DTrack is a modular backdoor used by the […]

Pierluigi Paganini October 04, 2022

Lazarus APT employed an exploit in a Dell firmware driver in recent attacks

North Korea-linked Lazarus APT has been spotted deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver. The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by relying on exploit in a Dell firmware driver dbutil_2_3.sys, ESET researchers warn. The discovery was made by ESET researchers while […]

Pierluigi Paganini September 16, 2022

North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp

North Korea-linked threat actor UNC4034 is spreading tainted versions of the PuTTY SSH and Telnet client. In July 2022, Mandiant identified a novel spear phish methodology that was employed by North Korea-linked threat actor UNC4034. The attackers are spreading tainted versions of the PuTTY SSH and Telnet client. The attack chain starts with a fake […]

Pierluigi Paganini September 08, 2022

North Korea-linked Lazarus APT targets energy providers around the world

North Korea-linked Lazarus APT group is targeting energy providers around the world, including organizations in the US, Canada, and Japan. Talos researchers tracked a campaign, orchestrated by North Korea-linked Lazarus APT group, aimed at energy providers around the world, including organizations in the US, Canada, and Japan. The campaign was observed between February and July 2022. The attacks […]

Pierluigi Paganini August 26, 2022

GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique

The North Korea-linked Kimsuky APT is behind a new campaign, tracked as GoldDragon, targeting political and diplomatic entities in South Korea in early 2022. Researchers from Kaspersky attribute a series of attacks, tracked as GoldDragon, against political and diplomatic entities located in South Korea in early 2022 to the North Korea-linked group Kimsuky. Kimsuky cyberespiona group […]

Pierluigi Paganini August 17, 2022

North Korea-linked APT targets Job Seekers with macOS malware

The North Korea-linked Lazarus Group has been observed targeting job seekers with macOS malware working also on Intel and M1 chipsets. ESET researchers continue to monitor a cyberespionage campaign, tracked as “Operation In(ter)ception,” that has been active at least since June 2020. The campaign targets employees working in the aerospace and military sectors and leverages […]

Pierluigi Paganini August 09, 2022

Experts linked Maui ransomware to North Korean Andariel APT

Cybersecurity researchers from Kaspersky linked the Maui ransomware to the North Korea-backed Andariel APT group. Kaspersky linked with medium confidence the Maui ransomware operation to the North Korea-backed APT group Andariel, which is considered a division of the Lazarus APT Group, North Korean nation-state actors used Maui ransomware to encrypt servers providing healthcare services, including electronic […]

North Korea

North Korea-linked hackers stole $626 million in virtual assets in 2022

Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Lazarus APT employed an exploit in a Dell firmware driver in recent attacks

North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp

North Korea-linked Lazarus APT targets energy providers around the world

GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique

North Korea-linked APT targets Job Seekers with macOS malware

Experts linked Maui ransomware to North Korean Andariel APT

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cisco fixed maximum-severity security flaw in Secure Firewall Management Center

'Blue Locker' Ransomware Targeting Oil & Gas Sector in Pakistan

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

Norway confirms dam intrusion by Pro-Russian hackers

Zoom patches critical Windows flaw allowing privilege escalation

QUICK LINKS

North Korea

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!