Money launderer connected to North Korean government hackers, ‘Hushpuppi’ is sentenced to 11 years

A U.S. court sentenced a Canadian man to 11 years in prison for his role in a global hacking and money laundering scheme allegedly spearheaded by North Korean cybercriminals. Ghaleb Alaumary, a 36-year-old Ontario native, was sentenced Wednesday to 140 months in federal prison and to pay more than $30 million in restitution after pleading guilty to two counts of conspiracy to commit money laundering, the Justice Department announced. The defendant’s role involved providing bank accounts into which North Korean hackers could funnel stolen currency, and then recruiting individuals to withdraw cash from ATMs around the world. The millions of dollars came from sources including the 2019 theft of a Maltese bank, a 2018 fraud from Pakistan’s BankIslami, as well as a professional soccer team based in the U.K., according to the Justice Department. Alaumary was also reportedly connected to Ramon Abbas, a Nigerian Instagram influencer better known as “Hushpuppi” […]

The post Money launderer connected to North Korean government hackers, ‘Hushpuppi’ is sentenced to 11 years appeared first on CyberScoop.

U.S. Indicts North Korean Hackers in Theft of $200 Million

The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted theft of more than $1.2 billion from banks and other victims worldwide.

FBI, DHS to go public with suspected North Korean hacking tools

The FBI and the Department of Homeland Security are preparing to jointly expose North Korean government-backed hacking this week, CyberScoop has learned. Threat data meant to help companies fend off hackers has already been shared with the private sector in an effort to boost cyber-defenses in critical infrastructure sectors. The circulating information, contained in several documents known as malware analysis reports (MARs), details activity from Hidden Cobra hackers, an advanced persistent threat group that the U.S. government has previously linked with the North Korean government. The Hidden Cobra group frequently targets financial institutions such as banks, cryptocurrency exchanges, and ATMs for financial gain, the government says. However, it was not immediately clear which specific security incidents, if any, the U.S. government sought to expose in the information sharing effort. The documents, which sources say contain 26 malware samples, appear to be the latest piece of a broader U.S. government effort […]

The post FBI, DHS to go public with suspected North Korean hacking tools appeared first on CyberScoop.

US offers up to $5m reward for information on North Korean hackers

UN experts believe the DPRK cyber-steals and launders money, extorts companies and funnels the cash into its nuclear program.

Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware

Cyber Command’s largest-ever upload to VirusTotal exposes malware linked with North Korean government hackers, according to security researchers.

#CNMF has posted multiple new malware samples: https://t.co/fSgk1xpG8t — USCYBERCOM Malware Alert (@CNMF_VirusAlert) September 8, 2019

Several of the malware samples have been tied to Lazarus Group, a group the U.S. government has linked with the North Korean government. Specifically, the samples look to be what’s known as “HOPLIGHT,” a trojan that has been used to gather information on victims’ operating systems and uses a public SSL certificate for secure communications with attackers. Cyber Command uploaded 11 malware samples in all. FireEye Managing Principal Threat Analyst Andrew Thompson said the upload signals to North Korea’s government that it can’t remain anonymous in cyberspace. “Will this deter intelligence activities? Of course not. That’s foolish. What it does do is articulate [North Koreans] aren’t operating free from attribution, which limits the range of activities they should see as […]

The post Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware appeared first on CyberScoop.

North Korean Lazarus Group Starts Targeting Russian Organizations

In an unusual move, the Lazarus hacking group associated with the North Korean government has recently started targeting organizations from Russia. The group’s primary targets until now have been organizations from countries with which North Kor…