Stealthy MacOS Malware Tied to Lazarus APT

A researcher discovered a macOS trojan hiding behind a fake cryptocurrency trading platform, believed to be the work of the state-sponsored North Korean hackers behind WannaCry.

Hackers Target Indian Nuclear Power Plant – Everything We Know So Far

A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant.

Due to commentary from some experts on social media despite the lack of information about the event, and overreactions by many, the inci…

North Korea is using front companies to steal cryptocurrency

North Korean government-backed hackers are targeting cryptocurrency exchanges to try to steal financial resources as Pyongyang searches for ways to fund its regime, two researchers discovered within the past week. Lazarus Group, also known as APT38, has carried out hacks against central banks and exploited monetary exchanges as part of an effort to boost Kim Jong-un’s financial and military goals. The United Nations revealed in August that North Korea had gained approximately $2 billion from hacking banks and cryptocurrency companies. This time, they’re using a front company to do it. Researchers Patrick Wardle, the principal security researcher at Jamf, and MalwareHunterTeam, of ID Ransomware, a group that aims to help provide guidance on ransomware, found malware affecting Mac and Windows operating systems that installs a backdoor Trojan on victim machines, allowing hackers to gain control of infected targets. The malware asks for administrative privileges during installation, then communicates with a command-and-control server, and can receive instructions from the hackers to run certain tasks, […]

The post North Korea is using front companies to steal cryptocurrency appeared first on CyberScoop.

US Treasury targets North Korean hacking groups

The US has formally sanctioned the Lazarus Group and offshoots Bluenoroff and Andariel, which are allegedly acting on behalf of the DPRK.

U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks

Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity.

North Korean government hackers sanctioned by U.S. Treasury

Add the U.S. Treasury to the list of government agencies going after North Korean hackers. The Treasury’s Office of Foreign Assets Control announced Friday it is sanctioning three North Korean hacking groups it says are backed by Kim Jong-un’s regime, including the well-known Lazarus Group. The office also identifies two sub-groups of Lazarus Group, Bluenoroff and Andariel. Bluenoroff has targeted foreign financial institutions in Bangladesh, India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, Chile, and Vietnam, as well as the Society for Worldwide Interbank Financial Telecommunication (SWIFT) monetary transfer system, to conduct cyber-enabled financial heists in response to prior sanctions, according to OFAC. Andariel has been more focused on stealing cash and customer information from ATMs, as well as on targets in government agencies and in the defense industry, including those in South Korea, to gather intelligence, according to OFAC. The U.S. government has previously linked Lazarus Group with the North […]

The post North Korean government hackers sanctioned by U.S. Treasury appeared first on CyberScoop.

U.S. Cyber Command warns of North Korea-linked Lazarus Group malware

Malicious software samples uploaded by U.S. Cyber Command to VirusTotal on Wednesday are associated with campaigns from Lazarus Group, an advanced persistent threat group linked with North Korea, two cybersecurity researchers told CyberScoop. Lazarus is an umbrella name that typically describes hacking activity which advances Pyongyang’s interests. The group is especially known for its financial motivations, such as abusing the Society for Worldwide Interbank Financial Telecommunication (SWIFT) monetary transfer system and hacking banks, according to Adam Meyers, vice president of intelligence at CrowdStrike. Wednesday’s upload marks the second time in as many months that Cyber Command has added malware details to the VirusTotal security repository as part of an information-sharing effort with the private sector. Researchers from cybersecurity firms Symantec and CrowdStrike said they have seen the two malware samples in this case associated with Lazarus Group. The technical capabilities of the malware strains were not immediately clear. The last samples Cyber Command shared were […]

The post U.S. Cyber Command warns of North Korea-linked Lazarus Group malware appeared first on CyberScoop.