North Korea
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as ‘Andariel’ has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. A report from Palo Alto Networks and its Unit 42 researchers claims that Andariel might be either an affiliate of Play or acting as an initial access broker […]
North Korean hackers exploit Chrome zero-day to deploy rootkit
North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. “We assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain,” Microsoft said on Friday, […]
South Korea says DPRK hackers stole spy plane technical data
South Korea’s ruling party, People Power Party (PPP), claims that North Korean hackers have stolen crucial information about K2 tanks, the country’s main battle tank, as well as its “Baekdu” and “Geumgang” spy planes. PPP fears that DPRK will use this information to evade military surveillance and gain an advantage on the battlefield, so it’s […]
US dismantles laptop farm used by undercover North Korean IT workers
The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used to pose as U.S.-based individuals. Matthew Isaac Knoot, 38, helped North Koreans use a stolen identity to pose as Andrew M., a U.S. citizen, […]
North Korean hackers exploit VPN update flaw to install malware
South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to deploy malware and breach networks. The advisory connects this activity with a nationwide industrial factories modernization project Kim Jong-un, the North Korean president, announced in January 2023, believing the hackers are looking to steal trade […]
US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks
The U.S. State Department is offering a reward of up to $10 million for information that could help capture a North Korean military hacker identified as Rim Jong Hyok. Part of the Andariel North Korean hacking group, Hyok and other Andariel operatives were linked to Maui ransomware attacks targeting critical infrastructure and healthcare organizations across the […]