Suspected North Korean hackers who targeted job applicants prove more ambitious than first believed

A possible North Korean government-connected cyber-espionage campaign that targeted the defense industry stretched further than originally known when it was initially uncovered this summer, researchers said. “Operation North Star” went beyond targeting South Korea to include Australia, India, Israel and Russia, McAfee said in a report out Friday. And its motives and methods seem to be clearer now, too, according to researchers. Israel’s Ministry of Defense had previously blamed Lazarus Group, which the U.S. government calls Hidden Cobra, for sending phony job offers in its defense sector — a tactic that lined up with McAfee’s earlier description of Operation North Star tactics. Additionally, the campaign used a previously undiscovered implant called Torisma that it deployed to burrow further into victims’ systems, McAfee said. The tactic represents the kind of digital spying technique that would have given hackers access to machines belonging to job applicants positioned near military organizations — just the kind of targets that a […]

The post Suspected North Korean hackers who targeted job applicants prove more ambitious than first believed appeared first on CyberScoop.

For foreign hackers, 2018 was all about subtlety, CrowdStrike says

Nation-state hackers from China, Russia and elsewhere spent last year updating their tradecraft and tightening their focus on espionage targets, according to a new CrowdStrike report examining the evolution of cyber-espionage in 2018. The year didn’t see a suspected state-sponsored cyberattack on the scale of 2017’s NotPetya or WannaCry ransomware campaigns, which researchers have suggested were the work of Russian and North Korean hackers, respectively. But in the absence of another headline-grabbing crime spree, international hackers sought to advance their bosses’ interests in more subtle ways: by more carefully determining whom to hack and moving more quickly once inside, CrowdStrike said. Chinese actors re-ignited their attacks against American targets amid a trade war with the U.S. Russia continued its reconnaissance efforts, while North Korea used digital techniques to generate cryptocurrency that would help Pyongyang avoid sanctions. Meanwhile, in Iran, state-sponsored hackers focused on domestic targets and rivals in the Middle […]

The post For foreign hackers, 2018 was all about subtlety, CrowdStrike says appeared first on CyberScoop.

Samples of SiliVaccine Offer Rare Peek Inside North Korea’s Antivirus Software

Samples of North Korean antivirus software called SiliVaccine crib software code from a competitor and come loaded with malware and a backdoor.

DHS, FBI Warn of North Korea ‘Hidden Cobra’ Strikes Against US Assets

DHS and the FBI warned that North Korean attackers are targeting U.S. businesses with malware- and botnet-related attacks that are part of a concerted effort dubbed “Hidden Cobra.”