Skip to main content

Tag: north korean hackers

8 articles

A coding test setup in a brightly-lit computer lab with a laptop and blank screen.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware

North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Analyst 207
Cluttered software development workspace with computer screens and terminals, one central laptop lid slightly ajar.

North Korean Hackers Publish 108 Malicious Packages in PolinRider Campaign

North Korean hackers have unleashed a massive wave of malware, publishing 108 malicious packages and web browser extensions across popular platforms like npm, Packagist, Go, and Google Chrome as part of their sneaky PolinRider campaign. This ongoing operation has already produced 162 malicious release artifacts and compromised thousands of systems worldwide.

Analyst 207
Financial sector setting with technology integration and cityscape in background.

Microsoft attributes Mastra AI supply chain attack to North Korean hackers Sapphire Sleet

Microsoft warns that a recent supply chain attack on the Mastra AI npm environment was carried out by Sapphire Sleet, a notorious North Korean hacking group known for targeting the financial sector. This latest incident is part of a larger pattern of attacks that exploit open-source distribution channels.

Analyst 207
People work at computer workstations in a dimly lit indoor software development workspace.

North Korean Hackers Exploit Developer Tools in Malware Campaigns

North Korean hackers have launched a sneaky malware campaign, tricking victims into executing cross-platform malware for macOS, Linux, and Windows through malicious scripts hidden in GitHub repositories. Their latest tactic, dubbed UNK_DeadDrop, uses recruitment lures to deliver self-running code to over 75% of targeted organizations across various sectors.

Analyst 207
Smartphone on a cluttered gaming desk with blurred Android game interface.

North Korean Hackers Infiltrate Android Games to Spy on Defectors

Security researchers at Eset stumbled upon a sneaky plot by North Korean hackers, who infiltrated popular Android games to spy on defectors by hiding a backdoor called BirdCall in the apps. The malicious code was cleverly disguised in game files available for download on a regional gaming platform's official website.

Analyst 207
Worker looks concerned at laptop screen displaying fake Zoom meeting in modern office.

North Korean Hackers Exploit Crypto Firms with AI-Driven Zoom Lures

North Korean hackers launched a massive spear-phishing campaign, targeting over 100 crypto organizations worldwide with cleverly crafted Zoom lures and AI-generated deepfakes. They used fake calendar invites and typosquatted meeting links to gain access and exfiltrate sensitive data in a matter of minutes.

Analyst 207
Crypto executive looks concerned at laptop with subtle scheduling software on screen.

North Korean Hackers Exploit Fake Zoom Meetings to Target Crypto Executives

North Korean hackers are using a sneaky tactic to target crypto executives: they pose as legitimate meeting attendees, harvesting video and audio to make future scams more convincing. They start by sending Calendly invites for fake catch-up meetings, then swap the link with a fake Zoom or Teams URL to gain their victim's trust.

Analyst 207
Shadowy figure in hoodie surrounded by screens and cables, coding on laptop with multiple terminals open.

North Korean Hackers Expand Malicious Package Reach Across Multiple Coding Ecosystems

Beware of the Trojan horse in your code: North Korean hackers have quietly infiltrated multiple package ecosystems, publishing around 1,700 malicious packages that masquerade as legitimate developer tools but act as malware loaders. This sneaky campaign, linked to the Contagious Interview group, puts developers and organizations relying on shared code on high alert.

Analyst 207