Cyber Espionage, North Korea’s Kimsuki evolves its TTPs
Yoroi-ZLab cyber security experts: The APT exploits a malware, compatible with the previous campaigns, and a new strategy to avoid being detected.
Cybercrime, Lazarus attacks on cryptocurrency business evolve
Kaspersky cyber security experts: North Korea’s hackers continue Operation AppleJeus, altering their macOS and Windows malware considerably.
Cyber Espionage, Lazarus targets macOs with a new malware
The cyber security experts: The North Korea’s APT malicious code has a very low detection rate. It’s hosted in a cryptocurrency trading platform. The campaign is similar to Operation AppleJeus.
Cyber Warfare: North Korea hit targets with a trojan variant, HOPLIGHT
US CISA, FBI and DoD cyber security experts: The HIDDEN COBRA malware collects system information about the victim machine including OS Version, Volume Information and System Time.
Cybercrime, an APT launched zero-day attack thanks to a Google’s Chrome flaw
Kaspersky cyber security experts dubbed the campaign as Operation WizardOpium. The profile of the targeted website is in line with earlier DarkHotel attacks.
Cyber Warfare, USA hit North Korea state sponsored hackers
OFAC sactions Lazarus, Bluenoroff and Andariel. They’re linked to Pyongyang’s RGB and launched cyber attacks to support illicit weapon and missile programs, and to spy and sabotate enemies.
North Korea stole US$ 2bn with cyber attacks to fund It’s weapons program
It has been unveiled by a leaked United Nations report. Pyongyang state sponsored hackers as Lazarus preferred cryptocurrency to avoid international controls on money flux.
Cybercrime and other APTs are copying North Korea cyber attacks
F-Secure cyber security experts: The target is the banking/finance sector. The motivations are three: data theft, data integrity and sabotage, and direct financial theft.
New version of Ryuk ransomware to better protect Russia from encrypting
MalwareHunterTeam cyber security experts discover a variant of the ransomware that adds IP and Computer Name blacklisting. Probably behind it there is still GRIM SPIDER cybercrime group.
North Korea, new Lazarus campaign with Electricfish malware
The cyber security experts: The APT’s malicious code implements a custom protocol that allows traffic to be funneled between a source and a destination IP address.