Skip to main content

Tag: north korea

156 articles

Lazarus Group Exclusive: DreamJob Threatens EU Defenses

Lazarus Group Exclusive: DreamJob Threatens EU Defenses

“If you build it, they will steal it” — North Korea’s Lazarus Group is quietly targeting EU drone engineers, lifting schematics, firmware, and supplier data to speed or sabotage adversaries’ emulation of Western platforms. The result: stolen designs and corrupted files that can derail production and readiness without a single shot fired.

Analyst 207
BeaverTail and OtterCookie: Stunning Critical Threat

BeaverTail and OtterCookie: Stunning Critical Threat

Cisco Talos warns a North Korean group is fusing BeaverTail’s credential-theft with OtterCookie’s browser persistence into single, stealthier JavaScript malware that’s harder to spot — defenders should start hunting for blended behaviors and tighten basics like MFA, patching, and anomaly detection now.

Analyst 207
EtherHiding: Exclusive Risky Crypto Heist Warning

EtherHiding: Exclusive Risky Crypto Heist Warning

What if the blockchain meant to protect your funds became a hiding place for thieves? Google warns North Korea-linked hackers are using EtherHiding—embedding malware in Ethereum transactions—to siphon crypto, forcing defenders to rethink how they detect and stop attacks.

Analyst 207
EtherHiding in smart contracts: Exclusive Critical Threat

EtherHiding in smart contracts: Exclusive Critical Threat

Imagine the smart contracts you trust quietly carrying malware — researchers say a North Korean‑linked group used a new EtherHiding trick to embed and trigger malicious payloads in blockchain contracts. Defenders now need to move beyond static code checks and adopt runtime monitoring to stop these covert distribution channels before they steal funds.

Analyst 207
North Korean hackers: Stunning $2B Crypto Heist — Alarming

North Korean hackers: Stunning $2B Crypto Heist — Alarming

Elliptic reveals North Korean-linked hackers have grabbed a record $2B in crypto this year, using smart hacks and clever laundering to dodge sanctions — a wake-up call about how quickly digital assets can be weaponized. Stronger defenses, better on-ramps and international cooperation are urgently needed to stop the next haul.

Analyst 207
malware development: Exclusive Risky AI Abuse Exposed

malware development: Exclusive Risky AI Abuse Exposed

OpenAI says it disrupted three groups misusing ChatGPT to develop malware — from a Russian actor refining a RAT and credential‑stealer to activity tied to China and North Korea — highlighting how easily generative AI can be repurposed for harm. The takedown bought defenders time, but it also raises urgent questions about policing, policy and how to keep powerful tools useful without arming attackers.

Analyst 207
North Korean IT personas: Exclusive Risky Threat Revealed

North Korean IT personas: Exclusive Risky Threat Revealed

You won’t believe it until you see it: Okta uncovered convincing fake North Korean IT personas applying, interviewing, and even landing roles across tech, healthcare, finance and AI—using hiring pipelines as a stealthy route for espionage and exploitation. The takeaway: identity is the new perimeter, and companies must tighten onboarding, vetting and access controls before attackers turn routine hiring into a backdoor.

Analyst 207
Lazarus Group Exclusive Threat: Risky Malware Surge

Lazarus Group Exclusive Threat: Risky Malware Surge

Imagine calling tech support and accidentally inviting a nation‑state backdoor into your PC — researchers say North Korea‑linked Lazarus tools are now showing up in everyday tech‑support scams, handing criminals far more powerful, persistent malware. That makes it more important than ever for people and organizations to rethink who they trust and how they secure devices.

Analyst 207
AkdoorTea backdoor: Exclusive Dangerous Threat to Devs

AkdoorTea backdoor: Exclusive Dangerous Threat to Devs

A new North Korea-linked campaign called DeceptiveDevelopment is planting a stealthy backdoor, AkdoorTea, in developer environments worldwide—threatening repositories, build systems, and crypto projects across Windows, macOS, and Linux. If you build or maintain crypto or open-source tooling, now’s the time to lock down keys, enforce MFA, and monitor developer endpoints before a single compromised laptop turns into a major breach.

Analyst 207
military ID cards: Exclusive Risky AI Forgeries

military ID cards: Exclusive Risky AI Forgeries

North Korean-linked hackers are using ChatGPT and image AI to forge photorealistic military IDs and craft highly convincing spear-phishing lures that can fool even seasoned professionals. It’s a wake-up call: stronger verification, cryptographic signing and vigilant cyber-hygiene are now essential to stop AI-enabled deception.

Analyst 207
fake military ID: Risky Stunning AI Forgery Threat

fake military ID: Risky Stunning AI Forgery Threat

Researchers say North Korean operatives used ChatGPT to craft a convincing fake South Korean military ID, showing how generative AI can supercharge social-engineering and produce forgeries that easily fool human reviewers. It’s a wake-up call: organizations need stronger cryptographic identity checks, smarter detection tools, and better staff training so polished prose no longer equals trust.

Analyst 207
Lazarus Group Exclusive: Dangerous DeFi RATs Revealed

Lazarus Group Exclusive: Dangerous DeFi RATs Revealed

A North Korea-linked Lazarus campaign used a crafty phishing lure to deploy three cross-platform RATs—PondRAT, ThemeForestRAT and RemotePE—breaching a DeFi organization and highlighting how attackers now tailor stealthy, multi‑OS toolsets to target decentralized finance. It’s a wake-up call: assume breach, tighten access and key protections, and shift to behavior-based detection across heterogeneous environments.

Analyst 207
Operation HanKook Phantom: Exclusive Dangerous Threat

Operation HanKook Phantom: Exclusive Dangerous Threat

When colleagues become targets, South Korea’s academic community is facing a stealthy campaign — Operation HanKook Phantom — where ScarCruft (APT37) uses tailored phishing and the RokRAT trojan to siphon research and influence policy debates. Universities must boost basics like MFA, endpoint protection and phishing training to protect open inquiry without closing it off.

Analyst 207
spear-phishing campaign: Risky North Korean Tactic Exposed

spear-phishing campaign: Risky North Korean Tactic Exposed

North Korea’s APT37 is luring South Koreans with real-looking internal briefings, turning trusted emails into powerful espionage tools — a wake-up call to strengthen MFA, behavior-based detection, and cross‑agency info sharing.

Analyst 207
Nork IT worker scam: Exclusive Risky Exposé

Nork IT worker scam: Exclusive Risky Exposé

Think a LinkedIn scam meets a spy novel: the U.S. Treasury just sanctioned firms accused of placing North Korean IT workers into legitimate-seeming jobs to funnel money and talent back to Pyongyang, a troubling mix of labor exploitation and cyber risk that should make every hiring manager double-check resumes and vet overseas contractors.

Analyst 207
North Korean cyber-espionage: Exclusive Dangerous Campaign

North Korean cyber-espionage: Exclusive Dangerous Campaign

Imagine getting a flawless meeting invite from a trusted colleague that’s actually a spy—researchers found a North Korean campaign using believable calendar invites and GitHub-hosted malware to target diplomats and foreign ministry staff. The attack’s clever blend of social engineering and mainstream developer tools shows how easily trust can be weaponized, risking sensitive negotiations and long-term access to government networks.

Analyst 207
North Korean Hackers Target npm Registry with XORIndex Malware

North Korean Hackers Target npm Registry with XORIndex Malware

North Korean hackers have unleashed a new wave of malware on the npm registry, cleverly hiding malicious code in popular JavaScript packages and putting millions of developers at risk—can we still trust the tools that power our software?

Analyst 207
Stopping Fake North Korean IT Worker Scams: What You Need Now

Stopping Fake North Korean IT Worker Scams: What You Need Now

Think you’re hiring top IT talent? Think again—sophisticated fake resumes linked to North Korean cybercriminals are fooling companies worldwide, making vigilance more crucial than ever.

Analyst 207
How to Stop the Rising Fake North Korean IT Worker Threat

How to Stop the Rising Fake North Korean IT Worker Threat

Think all resumes are trustworthy? Think again—fake North Korean IT worker profiles are sneaking into global tech teams, posing a hidden threat that could compromise your company’s security from the inside out.

Analyst 207
Stopping Fake North Korean IT Workers: Essential Strategies

Stopping Fake North Korean IT Workers: Essential Strategies

Think you can spot a fake candidate? With North Korean imposters crafting flawless resumes but disappearing in interviews, uncover the crucial strategies every business needs to protect their teams and data.

Analyst 207
How to Stop the Fake North Korean IT Worker Problem Now

How to Stop the Fake North Korean IT Worker Problem Now

Think your hiring process is safe? Think again—fake IT profiles linked to North Koreas covert schemes are slipping through the cracks, putting your company’s security and trust on the line.

Analyst 207
North Korea Sends Russia Over 12 Million Artillery Shells

North Korea Sends Russia Over 12 Million Artillery Shells

North Korea has quietly shipped over 12 million artillery shells to Russia, revealing a surprising new chapter in their alliance and reshaping the dynamics of the Ukraine conflict. What’s driving this massive military support—and what does it mean for the future of global power plays?

Analyst 207
US Sanctions North Korean IT Sweatshop Leader Amid Rising Tensions

US Sanctions North Korean IT Sweatshop Leader Amid Rising Tensions

The U.S. has taken a bold stand against North Korea’s shadowy cyber operations by sanctioning IT leader Song Kum Hyok, revealing how technology can be twisted into a weapon fueling nuclear ambitions and global tension.

Analyst 207
U.S. Imposes Sanctions on North Korean Hacker Linked to Fraudulent IT Worker Scheme

U.S. Imposes Sanctions on North Korean Hacker Linked to Fraudulent IT Worker Scheme

U.S. sanctions North Korean hacker tied to fraudulent IT worker scheme, aiming to curb cybercrime and protect financial systems.

Analyst 207