15 matches found
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. "While the attackers didn't succeed in deploying ransomware on the networks of any of the organizations affected,...
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
The U.S. Department of Justice DoJ on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense,...
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the...
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
Summary The U.S. Federal Bureau of Investigation FBI and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea DPRK’s Reconnaissance General Bureau RGB 3rd Bureau based in Pyongyan...
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
The Kimsuky aka Springtail advanced persistent threat APT group, which is linked to North Korea's Reconnaissance General Bureau RGB, has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is...
North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to strike think tanks, academia, and news media sectors. The "sustained information gathering efforts" have been attributed to a state-sponsored cluster dubb...
Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks
A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google's Threat Analysis Group TAG is tracking the cluster under the name ARCHIPELAGO, which it...
North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware
The North Korea-linked threat actor tracked as APT37 has been linked to a piece of new malware dubbed M2RAT in attacks targeting its southern counterpart, suggesting continued evolution of the group's features and tactics. APT37, also tracked under the monikers Reaper, RedEyes, Ricochet Chollima,...
U.S. Charges 3 North Korean Hackers Over $1.3 Billion Cryptocurrency Heist
The U.S. Department of Justice DoJ on Wednesday indicted three suspected North Korean hackers for allegedly conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses. The three defendants — Jon Chang Hyok, 31; Kim Il, 27; and Park Jin...
U.S. Indicts North Korean Hackers in Theft of $200 Million
The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and...
U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks
The U.S. has slapped sanctions on three well-known North Korean state-sponsored hacker groups – including the group that was tied to the 2017 WannaCry ransomware attacks and the 2014 cyberattack on Sony Pictures Entertainment. The three that were sanctioned are the infamous Lazarus Group, as well...
US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks
The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups for conducting several destructive cyberattacks on US critical infrastructure. Besides this, the hacking groups have also been accused of stealing possibly hundreds of...
U.S. Charges North Korean Spy Over WannaCry and Sony Pictures Hack
The U.S. Department of Justice announces criminal charges against a North Korean government spy in connection with the 2017 global WannaCry ransomware attack and the 2014 Sony Pictures Entertainment hack. According to multiple government officials cited by the NY Times who are familiar with the...
South Korea Blames North Korea for March Cyberattack
Officials from the Republic of Korea are saying North Korea’s military intelligence agency was responsible for the mid-March malware attacks that knocked several prominent South Korean banks and broadcasters offline, according to a Dow Jones Newswire report. The South Korean Science Ministry...
Report: North Korea Accused Of DDoS Attack On South Korean Airport
North Korean agents have been linked to a malware attack on a South Korea’s Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper. The paper, citing the Seoul Metropolitan Police Agency, said that a 39 year-old South Korean man was arrested for...