Collaborate Disseminate
The US Cybersecurity and Infrastructure Security Agency (CISA) published a long and technical alert describing a North Korea hacking scheme against ATMs in a bunch of countries worldwide: This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber… Continue reading North Korea ATM Hack
US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool (RAT) "used by advanced persistent threat (APT) cyber actors in the targeting of cryptocurrency exchanges and related entities." This RAT is known… Continue reading US Government Exposes North Korean Malware
US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool (RAT) &… Continue reading US Government Exposes North Korean Malware
Interesting details on Olympic Destroyer, the nation-state cyberattack against the 2018 Winter Olympic Games in South Korea. Wired’s Andy Greenberg presents evidence that the perpetrator was Russia, and not North Korea or China…. Continue reading Details of the Olympic Destroyer APT
Two weeks ago, I blogged about the myriad of hacking threats against the Olympics. Last week, the Washington Post reported that Russia hacked the Olympics network and tried to cast the blame on North Korea. Of course, the evidence is classified, so the… Continue reading Russians Hacked the Olympics
Two weeks ago, I blogged about the myriad of hacking threats against the Olympics. Last week, the Washington Post reported that Russia hacked the Olympics network and tried to cast the blame on North Korea. Of course, the evidence is classified, so there’s no way to verify this claim. And while the article speculates that the hacks were a retaliation… Continue reading Russians Hacked the Olympics
There are a lot: The cybersecurity company McAfee recently uncovered a cyber operation, dubbed Operation GoldDragon, attacking South Korean organizations related to the Winter Olympics. McAfee believes the attack came from a nation state that speaks Ko… Continue reading Internet Security Threats at the Olympics
There are a lot: The cybersecurity company McAfee recently uncovered a cyber operation, dubbed Operation GoldDragon, attacking South Korean organizations related to the Winter Olympics. McAfee believes the attack came from a nation state that speaks Korean, although it has no definitive proof that this is a North Korean operation. The victim organizations include ice hockey teams, ski suppliers, ski… Continue reading Internet Security Threats at the Olympics
There’s evidence: Though the assessment is not conclusive, the preponderance of the evidence points to Pyongyang. It includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies. It states that the hackers behind WannaCry are also called "the Lazarus Group," a… Continue reading NSA Links WannaCry to North Korea
Reuters has an article on North Korea’s cyberwar capabilities, specifically "Unit 180." They’re still not in the same league as the US, UK, Russia, China, and Israel. But they’re getting better…. Continue reading North Korean Cyberwar Capabilities