Lazarus rises in Israel with attempted hack of defense company, researchers say

A notorious hacking group experts have tied to the North Korean government has targeted an Israeli defense company, according to new research outlining what appears to be one of the group’s first attacks on an Israeli entity. The unnamed company makes products used in the military and aerospace industries, and the hackers could have been after commercial secrets or more traditional espionage, according to ClearSky, the cybersecurity firm that exposed the operation. The suspected culprit is Lazarus Group, an industry term for a broad set of hackers associated with Pyongyang. “We cannot be sure what the objective of the attackers [was],” Eyal Sela, head of threat intelligence at ClearSky, told CyberScoop in an email. “[It] could be industrial/commercial espionage but could be military espionage, for example.” North Korean dictator Kim Jong Un has set ambitious economic goals, and some cybersecurity analysts have predicted he will unleash the Pyongyang-affiliated hackers to meet those deadlines by targeting multinational companies’ trade […]

The post Lazarus rises in Israel with attempted hack of defense company, researchers say appeared first on CyberScoop.


Jackson County pays ransomware operators $400k to regain access to computers

Officials in Jackson County, a rural area in the southeastern US state of Georgia, were forced over the weekend to pay hackers almost half a million dollars after a ransomware attack brought its entire fleet of computer systems to its knees. According …

Researchers Link ‘Sharpshooter’ Cyber Attacks to North Korean Hackers

Security researchers have finally, with “high confidence,” linked a previously discovered global cyber espionage campaign targeting critical infrastructure around the world to a North Korean APT hacking group.

Thanks to the new evidence collected by r…

A server likely used by Lazarus Group offers clues to a broader espionage campaign

An analysis of a command-and-control server suspected of being used by North Korean hackers shows it was the centerpiece of a previously discovered global espionage campaign that is broader and longer-running than initially understood, security researchers with McAfee announced Sunday. The campaign began as early as September 2017, a year earlier than previously documented, and is targeting financial services and government organizations, among others, researchers said. Most of the malicious activity is against organizations in Germany, Turkey, the U.S., and the United Kingdom, the researchers said. In December, McAfee published research on the espionage campaign, dubbed Operation Sharpshooter, saying it hit 87 organizations – including those in the nuclear, defense, and financial sectors – in October and November alone. After picking apart code and other data from the server, McAfee researchers say they’ve found “striking similarities” between last year’s attacks and several others attributed to Lazarus Group, a broad set of […]

The post A server likely used by Lazarus Group offers clues to a broader espionage campaign appeared first on CyberScoop.


RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope

A new look at server data behind a previously identified espionage campaign shows that it has exceeded researchers’ expectations in complexity, scope and breadth.

North Korean Lazarus Group Starts Targeting Russian Organizations

In an unusual move, the Lazarus hacking group associated with the North Korean government has recently started targeting organizations from Russia. The group’s primary targets until now have been organizations from countries with which North Kor…

FBI Mapping ‘Joanap Malware’ Victims to Disrupt the North Korean Botnet

The United States Department of Justice (DoJ) announced Wednesday its effort to “map and further disrupt” a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade.

Dubbed Joanap, the bot…