Tag: korea
-
S. Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked
Ya-moon, S. Korea’s notorious sex crime hub operating since 1990, hacked; user data leaked, exposing CSAM, exploitation, and illicit activities.
First seen on hackread.com Jump to article: hackread.com/s-koreas-crime-hub-ya-moon-hacked-user-data-leak/
-
Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam
A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lazarus-bitdefender-linkedin-scam/
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
North Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence. According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
Tags: apt, attack, credentials, email, group, hacking, intelligence, korea, malware, microsoft, north-korea, office, phishing, spear-phishing, windows
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that’s disguised as a Microsoft Office or PDF document. First…
-
Beware of Lazarus LinkedIn Recruiting Scam Targeting Org’s to Deliver Malware
Tags: cyber, cyberattack, cybersecurity, exploit, group, jobs, korea, lazarus, linkedin, malware, north-korea, scam
A new wave of cyberattacks orchestrated by the North Korea-linked Lazarus Group has been identified, leveraging fake LinkedIn job offers to infiltrate organizations and deliver sophisticated malware. Reports from cybersecurity firms, including Bitdefender, reveal that this campaign targets professionals across industries by exploiting their trust in LinkedIn as a professional networking platform. The operation begins…
-
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure…
-
FlexibleFerret malware targets the macOS via North Korea job campaign
First seen on scworld.com Jump to article: www.scworld.com/news/flexibleferret-malware-targets-the-macos-via-north-korea-job-campaign
-
MacOS Ferret operators add a deceptive bite to their malware family
The macOS Ferret family, variants of malware used by North Korean APTs for cyber espionage, has received a new member as samples of a detection-resistant variant, Flexible-Ferret, appear in the wild. The discovery of the samples was made by SentinelOne researchers who noted the variant’s capability to evade the recent XProtect signature update that Apple pushed…
-
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign Unveiled
A newly uncovered cyber espionage campaign orchestrated by North Korea’s Lazarus Group has been exposed in SecurityScorecard’s latest
First seen on securityonline.info Jump to article: securityonline.info/operation-phantom-circuit-north-koreas-global-data-exfiltration-campaign-unveiled/
-
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret.
First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korean-hackers–fake-interview/739165/
-
Lazarus Group Exploits Trusted Apps for Data Theft via Dropbox
Tags: crypto, cyber, data, espionage, exploit, group, infrastructure, korea, lazarus, north-korea, programming, software, technology, theft, tool
In an alarming development, North Korea’s infamous Lazarus Group has been linked to a global cyber espionage campaign, code-named Operation Phantom Circuit. Beginning in September 2024, this operation exploited trusted software development tools to infiltrate systems worldwide, targeting cryptocurrency and technology developers. The campaign’s advanced obfuscation techniques and infrastructure demonstrate a significant evolution in the…
-
APT37 Hackers Exploit Group Chats to Deliver Malicious LNK Files
In 2024, South Korea witnessed an alarming surge in Advanced Persistent Threat (APT) attacks, with the state-sponsored APT37 group emerging as a significant threat actor. Leveraging sophisticated techniques, the group targeted individuals and organizations through malicious Hancom Office HWP documents and LNK files distributed via K Messenger group chats. These attacks primarily aimed to evade…
-
North Korea’s Andariel Group Deploys New RID Hijacking Technique for Stealthy Attacks
The AhnLab Security Intelligence Center (ASEC) has uncovered details of the Andariel threat group’s use of a sophisticated
First seen on securityonline.info Jump to article: securityonline.info/north-koreas-andariel-group-deploys-new-rid-hijacking-technique-for-stealthy-attacks/
-
U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5
The DOJ, which has moved aggressively over the past year to find and shut down North Korea’s numerous IT worker scams, indicts two U.S. citizens and three others for running a six-year operation that stole more than $866,000 from 10 U.S. companies that thought they were hiring legitimate IT pros.
First seen on securityboulevard.com Jump…
-
Privacy Roundup: Week 4 of Year 2025
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windows
This is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
DOJ indicts 5 individuals in North Korea IT worker scam
An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and proprietary data gains.
First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618500/DOJ-indicts-5-individuals-in-North-Korea-IT-worker-scam
-
DOJ indicts two Americans for running laptop farm used in North Korea IT worker scam
The Justice Department indicted five people for their role in a scheme that allowed North Koreans to gain employment with at least 64 U.S. companies and earn hundreds of thousands of dollars for Pyongyang’s government.
First seen on therecord.media Jump to article: therecord.media/doj-indicts-americans-for-running-laptop-farm-north-korea-scheme
-
Chinese PlushDaemon APT Targets S. Korean IPany VPN with Backdoor
Cybersecurity firm ESET uncovers PlushDaemon, a previously unknown APT group targeting South Korea, deploying a SlowStepper backdoor. This…
First seen on hackread.com Jump to article: hackread.com/chinese-plushdaemon-apt-south-korean-vpn-backdoor/
-
Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. “The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews,” Ryan Sherstobitoff, senior vice president of…
-
North Korea’s Lazarus APT Evolves Developer-Recruitment Attacks
Operation 99 uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency.
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-korea-lazarus-apt-developer-recruitment-attacks
-
US, Japan and S. Korea urge crypto industry to take action against North Korean hackers
The governments said North Korea’s notorious Lazarus Group hackers “continue to demonstrate a pattern of malicious behavior in cyberspace by conducting numerous cybercrime campaigns to steal cryptocurrency and targeting exchanges, digital asset custodians, and individual users.”
First seen on therecord.media Jump to article: therecord.media/us-japan-south-korea-urge-crypto-industry-of-north-korean-hackers
-
Crypto klepto North Korea stole $659M over just 5 heists last year
US, Japan, South Korea vow to intensify counter efforts.
First seen on theregister.com Jump to article: www.theregister.com/2025/01/15/north_korea_crypto_heists/
-
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists
The US, Japan, and South Korea say North Korean hackers stole roughly $660 million in cryptocurrency last year.
First seen on securityweek.com Jump to article: www.securityweek.com/us-japan-south-korea-blame-north-korean-hackers-for-660m-crypto-heists/
-
Millions Stolen: North Korea Hackers Target Blockchain Industry
The United States, Japan, and the Republic of Korea have joined forces to issue a stark warning to
First seen on securityonline.info Jump to article: securityonline.info/millions-stolen-north-korea-hackers-target-blockchain-industry/
-
US govt says North Korea stole over $659 million in crypto last year
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday.
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/
-
US government charges operators of crypto mixing service used by North Korea and ransomware gangs
Three Russian citizens were charged with money laundering for their role in operating Blender.io and Sinbad.io crypto mixing services.
First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/
-
Breach Roundup: MetLife Denies RansomHub Cyberattack Claims
Also: German Prosecutors Charge Three Alleged Russian Saboteurs. This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware.
First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-metlife-denies-ransomhub-cyberattack-claims-a-27199
-
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela. “This final rule is a crucial step forward in addressing the extraordinary…