South Korean police have revealed a major hacking campaign which saw defense secrets stolen by hackers from the north over the period of a year. A report from the Korean National Police Agency (KNPA) published yesterday blamed the campaign on three North Korean state-backed groups: Lazarus, Kimsuky and Andariel. Local reports claimed they targeted as […]
Mar 12, 2024NewsroomCyber Espionage / Threat Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation. The development was first reported by Russian news agency TASS. “During the investigation of an espionage case, a South Korean citizen Baek Won-soon was identified […]
Mar 05, 2024NewsroomMalware / Cyber Threat North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to […]
Mar 05, 2024NewsroomMalware / Cyber Threat North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to […]
North Korean hackers breached at least two South Korean microchip equipment companies in recent months, stealing product design drawings and facility site photos, according to South Korea’s spy agency. The National Intelligence Service (NIS) did not disclose the names of the victims but said that hackers used living-off-the-land techniques to attack them. This approach involves […]
The North Korean hacking group Kimsuky is using newly disclosed ScreenConnect vulnerabilities to deploy a polymorphic malware variant called ToddleShark for espionage and data theft.
Feb 29, 2024NewsroomMalware / Endpoint Security The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for […]
Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. Rhysida and its ransomware Rhysida is a relatively new ransomware-as-a-service gang that engages in double extortion. First observed in May 2023, it made its name by attacking the British Library, the […]
UNITED NATIONS (AP) — U.N. experts say they are investigating 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion, with the money reportedly being used to help fund its development of weapons of mass destruction. And the high volume of cyberattacks by North Korean hacking groups who report to the […]
- 1
- 2