The occasion was Shoigu's visit to Pyongyang. Visually they mimic the Global Hawk and Predator B (MQ-9 Reaper), but the characteristics are unknown. Are they modern UAVs or a Kim Jong Un bluff?
The NSA, FBI and ROK illustrate the DPRK hackers' TTPs, used to lure victims and steal sensitive information, especially through social engineering and spear phishing.
Volexity cybersecurity experts: The North Korean APT uses a fake trading website that mimics a legitimate one, together with DLL side-loading, to distribute the malware.
Kaspersky cybersecurity experts: North Korea-linked malware hides itself inside an executable that looks like a legitimate program and has several stages of decryption before starting.
US cybersecurity experts: They exploit fictitious identities and pretend to be elsewhere. They mainly put themselves forward for remote jobs and for jobs involving cryptocurrencies.
Stairwell cybersecurity experts: The new North Korean malware spread via messages sent from the personal email of a former director of South Korea's National Intelligence Service (NIS).
The North Korean APT sends spear phishing emails to cryptocurrency firm employees that mimic recruitment for high-paying jobs. The goal: to get the malware downloaded.