Nation-State | South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days | Multiple South Korean organizations across industries have been targeted in a recent Lazarus campaign dubbed Operation SyncHole. | Ionut Arghire | 4 days ago
Fraud & Identity Theft | North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature | North Korean cryptocurrency thieves abusing Zoom Remote collaboration feature to target cryptocurrency traders with malware. | Ryan Naraine | April 21, 2025
Malware & Threats | How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist | The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file. | Ryan Naraine | March 6, 2025
Cybercrime | FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge | The FBI has attributed the Bybit hack to a North Korean group named TraderTraitor as more technical details of the attack have come to... | Eduard Kovacs | February 27, 2025
Government | Leader of North Korean Hackers Sanctioned by EU | The EU has announced new sanctions against entities aiding Russia’s war against Ukraine, including an individual who leads North Korean hackers. | Eduard Kovacs | February 25, 2025
Cybercrime | $1.5 Billion Bybit Heist Linked to North Korean Hackers | Companies and experts have found evidence linking the $1.5 billion Bybit cryptocurrency heist to North Korean Lazarus hackers. | Eduard Kovacs | February 24, 2025
Data Breaches | FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024 | The FBI said the target was tricked into downloading a malicious Python script under the guise of a pre-employment test hosted on GitHub. | Ryan Naraine | December 24, 2024
Malware & Threats | North Korean Hackers Target macOS Users | North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics. | Ryan Naraine | November 7, 2024
Nation-State | North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft | The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. | Ionut Arghire | October 24, 2024
Malware & Threats | Mandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military Machine | A fresh Mandiant report documents North Korea’s APT45 as a distinct hacking team conducting cyberespionage and ransomware operations. | Ryan Naraine | July 25, 2024
Artificial Intelligence | KnowBe4 Hires Fake North Korean IT Worker, Catches New Employee Planting Malware | KnowBe4 chief executive Stu Sjouwerman: “We sent them their Mac workstation, and the moment it was received, it immediately started to load malware.” | Ryan Naraine | July 23, 2024
Malware & Threats | Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack | North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. | Eduard Kovacs | February 29, 2024