DoJ Aims to Seize 280 Cryptocurrency Accounts Used by Hackers

Complaint details collaboration with China to funnel $250m in stolen funds as part of state-sponsored attacks.

North Korea is using front companies to steal cryptocurrency

North Korean government-backed hackers are targeting cryptocurrency exchanges to try to steal financial resources as Pyongyang searches for ways to fund its regime, two researchers discovered within the past week. Lazarus Group, also known as APT38, has carried out hacks against central banks and exploited monetary exchanges as part of an effort to boost Kim Jong-un’s financial and military goals. The United Nations revealed in August North Korea had gained approximately $2 billion from hacking banks and cryptocurrency companies. This time, they’re using a front company to do it. Researchers Patrick Wardle, the principal security researcher at Jamf, and MalwareHunterTeam, of IDRansomware, a group that aims to help provide guidance on ransomware, found malware affecting Mac and Windows operating systems that installs a backdoor Trojan on victim machines, allowing hackers to gain control of infected targets. The malware asks for administrative privileges during installation, then communicates with a command-and-control server, and can receive instructions from the hackers to run certain tasks, […]

The post North Korea is using front companies to steal cryptocurrency appeared first on CyberScoop.


Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware

Cyber Command’s largest-ever upload to VirusTotal exposes malware linked with North Korean government hackers, according to security researchers.

“#CNMF has posted multiple new malware samples: https://t.co/fSgk1xpG8t” (USCYBERCOM Malware Alert, @CNMF_VirusAlert, September 8, 2019)

Several of the malware samples have been tied to Lazarus Group, a group the U.S. government has linked with the North Korean government. Specifically, the samples look to be what’s known as “HOPLIGHT,” a trojan that has been used to gather information on victims’ operating systems and uses a public SSL certificate for secure communications with attackers. Cyber Command uploaded 11 malware samples in all. FireEye Managing Principal Threat Analyst Andrew Thompson said the upload signals to North Korea’s government that it can’t remain anonymous in cyberspace. “Will this deter intelligence activities? Of course not. That’s foolish. What it does do is articulate [North Koreans] aren’t operating free from attribution, which limits the range of activities they should see as […]

The post Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware appeared first on CyberScoop.


North Korean hackers go on phishing expedition before Trump-Kim summit

As President Donald Trump and North Korea’s Kim Jong Un prepare to meet again, cybersecurity researchers say Pyongyang-linked hackers are targeting Korean speakers with spearphishing emails tied to the diplomatic summit. The suspected North Korean hackers sent out a lure document last week purporting to be from a non-government organization, according to South Korean company ESTsecurity. The invitation from the “Korea-U.S. Friendship Society” invites recipients to a meeting in the South Korean capital of Seoul to analyze the results of the Trump-Kim summit, which begins Wednesday. Trump and Kim will discuss North Korea’s nuclear program, which, along with hacking tools, is a key pillar of the regime’s foreign policy. The spearphishing document was formatted in a South Korean word-processing application and came with malicious code associated with North Korean operatives, said ESTsecurity, a company that multiple independent researchers say does good analytical work. Cybersecurity company CrowdStrike has seen that same […]

The post North Korean hackers go on phishing expedition before Trump-Kim summit appeared first on CyberScoop.


U.S. Charges North Korean Spy Over WannaCry and Sony Pictures Hack

The U.S. Department of Justice announces criminal charges against a North Korean government spy in connection with the 2017 global WannaCry ransomware attack and the 2014 Sony Pictures Entertainment hack.

According to multiple government officials cit…

This Nuke Expert’s Terrifying New Novel Is the Warning We Need Right Now

Real life has hewed closely to fictional events in ‘The 2020 Commission Report on the North Korean Attacks Against the United States,’ taking the book’s author, American nuclear policy expert Jeffrey Lewis, by surprise.

Top State Department cyber official ‘optimistic’ of deal with Russia, China

The State Department’s top cybersecurity official says he is “optimistic” the United States can strike a deal on norms for government behavior in cyberspace with China and Russia, two of Washington’s biggest adversaries in the domain. Despite myriad grievances with the Russian and Chinese governments over their hacking operations, Robert Strayer said there is ample precedent for a new agreement involving the three cyber powers. “I think that it is possible because we have had three successful processes at the [United Nations] that have established that international law applies to cyberspace just like it does in the real world,” Strayer, a deputy assistant secretary of State, said in an interview. “All of those successful, consensus-based documents required that the U.S., China, and Russia came to agreement on the terms.” Despite that history, the latest round of talks at the UN forum, known as the Group of Governmental Experts, collapsed in […]

The post Top State Department cyber official ‘optimistic’ of deal with Russia, China appeared first on CyberScoop.


North Korea hasn’t stopped launching cyberattacks amid peace talks

As Kim Jong-un speaks publicly about nuclear disarmament, North Korea’s hacker army continues to launch cyberattacks against different businesses across Asia, Europe and the U.S., according to private sector analysts and former U.S. officials. Experts from several cybersecurity firms — Dell SecureWorks, McAfee, Symantec, FireEye and Recorded Future — all told CyberScoop that activity from North Korea has stayed steady or grown in volume since peace talks gained steam earlier this year. The activities of these Pyongyang-linked hacking groups largely focus on financial theft and covertly stealing digital secrets. While affected companies have quietly dealt with the onslaught in recent months, their contracted cybersecurity firms confidentially collected and studied recent malware samples that show the North Koreans are still actively developing new iterations of their toolsets. “Similar to operations conducted prior to that date [circa January], North Korean actors have engaged in broad cyber espionage using a Destover-variant tool, developed and […]

The post North Korea hasn’t stopped launching cyberattacks amid peace talks appeared first on CyberScoop.
