South Korea
XenoRAT malware campaign hits multiple embassies in South Korea
A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories. According to Trellix researchers, the campaign has been running since March and is ongoing, having launched at least 19 spearphishing attacks against high-value targets. Although infrastructure and techniques match the pllaybook of North Korean actor Kimsuky (APT43), there are signs that better […]
SK Telecom says malware breach lasted 3 years, impacted 27 million numbers
SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. SK Telecom is the largest mobile network operator in South Korea, holding roughly half of the national market. On April 19, 2025, the company detected malware on its networks and […]
Fashion giant Dior discloses cyberattack, warns of data breach
House of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information. A spokesperson for the firm told GeekFeed that the incident impacts Dior Fashion and Accessories customers. Currently, cybersecurity experts are investigating the incident to determine its scope. “The House of Dior recently […]
SK Telecom cyberattack: Free SIM replacements for 25 million customers
South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. SK Telecom is the country’s largest mobile network operator, serving roughly half of the domestic mobile phone market. On April 19, the […]
Lazarus hackers breach six companies in watering hole attacks
In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. The threat actor combined a watering hole attack strategy with an exploit for a vulnerability in a file transfer client that is required in South Korea to complete certain financial and […]
SK Telecom warns customer USIM data exposed in malware attack
South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers. SK Telecom is the largest mobile network operator in South Korea, holding approximately 48.4% of the mobile phone service market in the country, corresponding to 34 million subscribers. The company says they detected malware […]
US govt says North Korea stole over $659 million in crypto last year
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. The announcement also warns that threat groups linked to the Democratic People’s Republic of Korea (DPRK) are still actively targeting blockchain technology industry […]
Korea arrests CEO for adding DDoS feature to satellite receivers
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. While neither company has been named, the two companies have been trading since 2017. In November 2018, the purchasing company made a special request to include […]
South Korea says DPRK hackers stole spy plane technical data
South Korea’s ruling party, People Power Party (PPP), claims that North Korean hackers have stolen crucial information about K2 tanks, the country’s main battle tank, as well as its “Baekdu” and “Geumgang” spy planes. PPP fears that DPRK will use this information to evade military surveillance and gain an advantage on the battlefield, so it’s […]
North Korean hackers exploit VPN update flaw to install malware
South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to deploy malware and breach networks. The advisory connects this activity with a nationwide industrial factories modernization project Kim Jong-un, the North Korean president, announced in January 2023, believing the hackers are looking to steal trade […]