Tag: north-korea
-
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
in SecurityNews
Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including First seen…
-
RustyAttr Trojan: Lazarus Group’s New macOS Malware Evades Antivirus with Ease
in SecurityNews
Researchers at Group-IB have discovered a new stealth technique employed by the North Korean APT group Lazarus, targeting macOS systems through a unique code-smuggling method. Known for its sophisticated cyber-espionage...
First seen on securityonline.info Jump to article: securityonline.info/rustyattr-trojan-lazarus-groups-new-macos-malware-evades-antivirus-with-ease/
-
Aerospace employees targeted with malicious “dream job” offers
in SecurityNews
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers …
First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/13/malicious-job-offers-aerospace/
-
Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks
in SecurityNews
The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. “The campaign distributed the SnailResin malware, which activates the SlugResin backdoor,” Israeli…
-
North Korean hackers create Flutter apps to bypass macOS security
in SecurityNews
North Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by legitimate Apple developer IDs.
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-create-flutter-apps-to-bypass-macos-security/
-
North Korean-linked hackers were caught experimenting with new macOS malware
in SecurityNews
Researchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild.
First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-macos-malware-flutter-jamf/
-
North Korean Hackers Target macOS Using Flutter-Embedded Malware
in SecurityNews
Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier…
-
North Korea Hackers Leverage Flutter to Deliver macOS Malware
in SecurityNews
Jamf observed North Korean attackers embedding malware within Flutter applications to target macOS devices, potentially to test a new way of weaponizing malware.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-hackers-flutter-macos/
-
New Keylogger Targeting U.S. Organizations Linked to North Korean APT Group Andariel
in SecurityNews
A recent analysis from Hybrid Analysis, led by security researcher Vlad Pasca, reveals a newly identified keylogger malware attributed to the North Ko…
First seen on securityonline.info Jump to article: securityonline.info/new-keylogger-targeting-u-s-organizations-linked-to-north-korean-apt-group-andariel/
-
North Korean Hackers Employing New Tactic To Acquire Remote Jobs
in SecurityNews
North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scrip…
First seen on gbhackers.com Jump to article: gbhackers.com/north-korean-hackers-remote-tactics/
-
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
in SecurityNews
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financi…
First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/north-korean-group-collaborates-with.html
-
A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
in SecurityNews
South Korea claims Pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea’s government blames pro-Russia threat actors for an intensification of cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea reports that over 10,000 North Korean troops are…
-
BlueNoroff’s New MacOS Threat: “Hidden Risk” Targets Crypto Enthusiasts
in SecurityNews
In a disturbing revelation from SentinelLabs, North Korean-affiliated threat actors, suspected to be linked to the notorious BlueNoroff APT, are actively targeting cryptocurrency businesses and macOS users. Dubbed the ‘Hidden...
First seen on securityonline.info Jump to article: securityonline.info/bluenoroffs-new-macos-threat-hidden-risk-targets-crypto-enthusiasts/
-
Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War
in SecurityNews
South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-hacktivits-south-korea/
-
Seoul accuses pro-Kremlin hackers of attacking websites over decision to monitor North Korean troops in Ukraine
in SecurityNews
First seen on therecord.media Jump to article: therecord.media/seoul-accuses-pro-kremlin-hackers-of-attacking-websites-ukraine
-
North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms
in SecurityNews
SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-novel-malware-crypto/
-
North Korea allegedly targeting crypto businesses with Mac-focused malware
in SecurityNews
First seen on therecord.media Jump to article: therecord.media/north-korea-bluenoroff-mac-malware-crypto-industry
-
North Korean hackers use new macOS malware against crypto firms
in SecurityNews
North Korean threat actor BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems.
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-macos-malware-against-crypto-firms/
-
North Korea’s Andariel Pivots to ‘Play’ Ransomware Games
in SecurityNews
The prominent state-sponsored advanced persistent threat (APT), aka Jumpy Pisces, appears to be moving away from its primary cyber-espionage motives a…
First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/north-korea-andariel-play-ransomware
-
North Korean Hackers Target macOS Users
in SecurityNews
North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics. The post North Korean Hackers Target macOS Users appeared first on SecurityWeek.
First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs/
-
North Korean Hackers Target macOS Users with Fake Crypto PDFs
in SecurityNews
North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics. The post North Korean Hackers Target macOS Users with Fake Crypto PDFs appeared first on SecurityWeek.
First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs/
-
DPRK-linked BlueNoroff used macOS malware with novel persistence
in SecurityNews
SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.”
-
North Korean Hackers Use Fake News to Spread ‘Hidden Risk’ Malware
in SecurityNews
North Korean hackers are targeting cryptocurrency businesses with a sophisticated new malware campaign, dubbed “Hidden Risk.”
-
North Korean hackers employ new tactics to compromise crypto-related businesses
in SecurityNews
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, …
First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/07/north-korean-crypto-related-phishing/
-
Contagious Interview WageMole: North Korea’s New Cyber Espionage Campaigns
in SecurityNews
In a recent report, Zscaler ThreatLabz uncovers the creative yet deceptive strategies used by North Korean threat actors to infiltrate Western job markets. Through two interconnected campaigns, Contagious Interview and WageMole, these...
First seen on securityonline.info Jump to article: securityonline.info/contagious-interview-wagemole-north-koreas-new-cyber-espionage-campaigns/
-
Officials warn of Russia’s techtroops deal with North Korea amid Ukraine conflict
in SecurityNews
10,000 of Kim Jong Un’s soldiers believed to be headed for front line
First seen on theregister.com Jump to article: www.theregister.com/2024/11/07/russia_tech_transfer_north_korea/
-
North Korean Nation State Threat Actor Using Play Ransomware
in SecurityNews
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36539/North-Korean-Nation-State-Threat-Actor-Using-Play-Ransomware.html
-
North Korean Hackers Collaborate with Play Ransomware
in SecurityNews
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-hackers-collaborate/
-
North Korean Threat Group Jumpy Pisces Linked to Play Ransomware Attack
in SecurityNews
Unit 42, the threat intelligence team at Palo Alto Networks, has uncovered a disturbing new trend in the cybercrime landscape: North Korean state-spon…
First seen on securityonline.info Jump to article: securityonline.info/north-korean-threat-group-jumpy-pisces-linked-to-play-ransomware-attack/
-
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
in SecurityNews
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome …
First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/lazarus-group-exploits-google-chrome.html