Tag: korea
-
North Korea Stealing Cryptocurrency With JavaScript Implant
in SecurityNews
‘Marstech1’ Malware Targets Developers Through GitHub Repository. New North Korean malware is targeting cryptowallets with an unconventional command-and-control infrastructure and through malware embedded into a GitHub repository that’s apparently the account of a Pyongyang hacker. The implant appears to have emerged late last December.
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/north-korea-stealing-cryptocurrency-javascript-implant-a-27547
-
South Korea Suspends Downloads of AI Chatbot DeepSeek
in SecurityNews
South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/south-korea-suspends-deepseek/
-
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
in SecurityNews
South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal Information Protection Commission (PIPC) said in a statement. The…
-
Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns
in SecurityNews
DeepSeek has temporarily paused downloads of its chatbot apps in South Korea while it works with local authorities to address privacy concerns. The post Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns appeared first on SecurityWeek.
First seen on securityweek.com. Jump to article: www.securityweek.com/downloads-of-deepseeks-ai-apps-paused-in-south-korea-over-privacy-concerns/
-
North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage
in SecurityNews
Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate global
First seen on securityonline.info. Jump to article: securityonline.info/north-koreas-it-worker-scam-how-the-regime-infiltrates-global-tech-firms-for-cyber-espionage/
-
N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea
in SecurityNews
A phishing attack dubbed DEEP#DRIVE is targeting South Korean entities, with thousands already affected. North Korean hackers from…
First seen on hackread.com. Jump to article: hackread.com/n-korean-hackers-deep-drive-attacks-against-s-korea/
-
Lazarus Group Targets Developers Worldwide with New Malware Tactic
in SecurityNews
Tags: crypto, cyber, cybercrime, group, korea, lazarus, malware, north-korea, software, supply-chain, tactics
North Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users. Dubbed Operation Marstech Mayhem, this operation leverages the group’s latest implant, >>Marstech1,
-
North Korean IT Workers Penetrate Global Firms to Install System Backdoors
in SecurityNews
In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global companies, posing as remote workers to introduce system backdoors and exfiltrate sensitive data. These activities, which generate critical revenue for the heavily sanctioned regime, also pose significant risks to corporate security and international stability. Fraudulent Hiring North Korea has capitalized on…
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
in SecurityNews
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerability
The attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
in SecurityNews
Tags: attack, business, crypto, cyberattack, government, group, hacking, korea, north-korea, powershell, threat
A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail,…
-
Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited
in SecurityNews
Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary ARM-based architecture, revealing significant vulnerabilities in the kernel hardening mechanisms of modern macOS systems. KASLR…
-
North Korea Targets Crypto Devs Through NPM Packages
in SecurityNews
SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/north-korea-crypto-devs-npm/
-
US woman faces years in federal prison for running laptop farm for N Korean IT workers
in SecurityNews
Christian Marie Chapman, of Litchfield Park, Arizona, helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens.
First seen on bitdefender.com. Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-woman-years-federal-prison-laptop-farm-n-korean-it-workers
-
North Korea targets crypto developers via NPM supply chain attack
in SecurityNews
Yet another cash grab from Kim’s cronies and an intel update from Microsoft.
First seen on theregister.com. Jump to article: www.theregister.com/2025/02/13/north_korea_npm_crypto/
-
Warning: Cybercrime Services Underpin National Security Risk
in SecurityNews
Tags: china, cybercrime, cybersecurity, google, hacking, iran, korea, north-korea, ransomware, risk, russia, service
Russia, China, Iran and North Korea Tapping Cybercrime Services, Google Says. The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as an accelerant for state-sponsored hacking, collectively posing an increasing risk to Western national security, cybersecurity researchers warn.
First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/warning-cybercrime-services-underpin-national-security-risk-a-27502
-
North Korea-linked APT Emerald Sleet is using a new tactic
in SecurityNews
Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell. Microsoft Threat Intelligence researchers spotted North Korea-linked threat actor Emerald Sleet (also known as Kimsuky and VELVET CHOLLIMA) using a new tactic. They are tricking targets into running PowerShell as an administrator and executing code provided…
-
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
in SecurityNews
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. “To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds…
-
Cyber crime meshes with cyber warfare as states enlist gangs
in SecurityNews
A report from the Google Threat Intelligence Group depicts China, Russia, Iran and North Korea as a bloc using cyber criminal gangs to attack the national security of western countries.
First seen on computerweekly.com. Jump to article: www.computerweekly.com/news/366619194/Google-Cyber-crime-meshes-with-cyber-warfare-as-states-enlist-gangs
-
I’m a security expert, and I almost fell for a North Korea-style deepfake job applicant … Twice
in SecurityNews
Remote position, webcam not working, then glitchy AI face … Red alert!
First seen on theregister.com. Jump to article: www.theregister.com/2025/02/11/it_worker_scam/
-
DeepSeek Accused of Over-Collecting Personal Data, Says South Korea’s Spy Agency
in SecurityNews
South Korea’s National Intelligence Service (NIS) has raised alarms over the Chinese artificial intelligence app, DeepSeek, accusing it of >>excessively
-
Security Researchers Warn of New Risks in DeepSeek AI App
in SecurityNews
Weak Encryption, Data Transfers to China, Hidden ByteDance Links Found. Security researchers found DeepSeek AI has weak encryption, SQL injection flaws and sends user data to Chinese state-linked entities. Its AI model failed jailbreak tests, making it prone to manipulation. Regulators in Europe, South Korea, and Australia are investigating, with bans and warnings issued over…
-
Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer
in SecurityNews
Tags: apt, attack, control, group, intelligence, kaspersky, korea, north-korea, phishing, spear-phishing
Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. The group works under the control…
-
S. Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked
in SecurityNews
Ya-moon, S. Korea’s notorious sex crime hub operating since 1990, hacked; user data leaked, exposing CSAM, exploitation, and illicit activities.
First seen on hackread.com. Jump to article: hackread.com/s-koreas-crime-hub-ya-moon-hacked-user-data-leak/
-
Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam
in SecurityNews
A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/lazarus-bitdefender-linkedin-scam/
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
in SecurityNews
North Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence. According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
in SecurityNews
Tags: apt, attack, credentials, email, group, hacking, intelligence, korea, malware, microsoft, north-korea, office, phishing, spear-phishing, windows
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that’s disguised as a Microsoft Office or PDF document. First…
-
Beware of Lazarus LinkedIn Recruiting Scam Targeting Org’s to Deliver Malware
in SecurityNews
Tags: cyber, cyberattack, cybersecurity, exploit, group, jobs, korea, lazarus, linkedin, malware, north-korea, scam
A new wave of cyberattacks orchestrated by the North Korea-linked Lazarus Group has been identified, leveraging fake LinkedIn job offers to infiltrate organizations and deliver sophisticated malware. Reports from cybersecurity firms, including Bitdefender, reveal that this campaign targets professionals across industries by exploiting their trust in LinkedIn as a professional networking platform. The operation begins…
-
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
in SecurityNews
The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure…
-
FlexibleFerret malware targets the macOS via North Korea job campaign
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/news/flexibleferret-malware-targets-the-macos-via-north-korea-job-campaign
-
MacOS Ferret operators add a deceptive bite to their malware family
in SecurityNews
The macOS Ferret family, variants of malware used by North Korean APTs for cyber espionage, has received a new member as samples of a detection-resistant variant, Flexible-Ferret, appear in the wild. The discovery of the samples was made by SentinelOne researchers who noted the variant’s capability to evade the recent XProtect signature update that Apple pushed…