Malware & Threats North Korean Hackers Hijack Antivirus Updates for Malware Delivery A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners. Ionut Arghire 14 hours ago
Malware & Threats Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. Eduard Kovacs February 29, 2024
Cyberwarfare South Korea Says Presumed North Korean Hackers Breached Personal Emails of Presidential Staffer South Korean President Yoon Suk Yeol’s office said presumed North Korean hackers breached the personal emails of one of his staff members. Associated Press February 14, 2024
Nation-State UN Experts Investigating 58 Suspected North Korean Cyberattacks Valued at About $3 Billion U.N. experts are investigating 58 suspected North Korean cyberattacks valued at approximately $3 billion, with the money reportedly being used to fund development of weapons... Associated Press February 10, 2024
Malware & Threats New ‘SpectralBlur’ macOS Backdoor Linked to North Korea SpectralBlur is a new macOS backdoor that shows similarities with North Korean hacking group’s KandyKorn malware. Ionut Arghire January 5, 2024
Malware & Threats North Korean Hackers Developing Malware in Dlang Programming Language North Korean hackers have used Dlang-based malware in attacks against manufacturing, agriculture, and physical security organizations. Ionut Arghire December 11, 2023
Cybercrime North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report Recorded Future calculates that North Korean state-sponsored threat actors are believed to have stolen more than $3 billion in cryptocurrency. Ionut Arghire December 4, 2023
Cyberwarfare US Sanctions North Korean Cyberespionage Group Kimsuky The US has announced sanctions against North Korean cyberespionage group Kimsuky over its intelligence gathering activities. Eduard Kovacs December 1, 2023
Cybercrime US Sanctions Cryptocurrency Mixer Sinbad for Aiding North Korean Hackers US Treasury sanctions Sinbad, saying the cryptocurrency mixer is laundering funds for North Korean hacking group Lazarus. Ionut Arghire November 30, 2023
Government UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks. Ionut Arghire November 27, 2023
Supply Chain Security North Korean Software Supply Chain Attack Hits North America, Asia North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply... Eduard Kovacs November 24, 2023
Malware & Threats New MacOS Malware Linked to North Korean Hackers New macOS malware, tracked by Jamf as ObjCShellz, is likely being used by North Korean hackers to target crypto exchanges. Kevin Townsend November 7, 2023