North Korea News, Articles and Updates

N Korea expanding cyber-attack capabilities, intention appears disruption

North Korea appears to be planning major international cyber-attacks, with espionage group APT37 (Reaper) seen to be expanding its scope and sophistication with new zero-day vulnerabilities and wiper malware.

Lazarus Group back from the dead - again - with renewed phishing campaign

Hacker group Lazarus has renewed a phishing campaign it launched, but instead of injecting malware to access enterprise IT environments, the group is now injecting implants to identify those running Bitcoin-related software.

Flash Player zero-day attacks attributed to advancing North Korean APT

Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.

North Korea-linked trojan switches targets from banks to cryptocurrency enthusiasts

Originally used by reputed North Korean hackers to attack the global banking sector, the Ratankba downloader trojan has been repurposed into a PowerShell-based variant that appears to be targeting small, non-financial organisations.

North Korea blamed for yet another cryptocurrency-focused phishing campaign

Amidst recent reports of renewed peace talks on the Korean peninsula, another cyber-security firm has come forward with evidence that state-sponsored North Korean hackers have been repeatedly launching spearphishing campaigns.

North Korean Monero miner: educational tool or weapon prototype?

A North Korean cryptominer is raising questions as to whether it is an educational tool or a prototype to carry out silent attacks on unsuspecting CPUs.

North Korea bitten by bitcoin bug: Lazarus Group now financially motivated

Proofpoint researchers have uncovered several multistage attacks, attributed to the Lazarus Group, that use cryptocurrency-related lures to infect victims with backdoors and reconnaissance malware.

Update 2: UK & US blame North Korea for WannaCry - 'directly responsible'

North Korea was behind the WannaCry ransomware that blazed a destructive path around the world last spring, wreaking havoc on companies of all stripes, say both UK and US officials.

More evidence emerges of North Korea targeting cryptocurrency industry

State-sanctioned North Korean hackers allegedly continue to target cryptocurrency companies and exchanges, particularly as a means of enriching the nation and countering the effects of imposed economic sanctions.

DHS, FBI analyze North Korean Hidden Cobra, FallChill

The US Department of Homeland Security (DHS) and US Federal Bureau of Investigation (FBI) have officially revealed the IP addresses that they say are used by the North Korean government to administer the RAT FallChill.

WannaCry - North Korea blamed by UK; NHS didn't follow recommendations

National Audit Office (NAO) report says NHS trusts were left vulnerable to the unsophisticated WannaCry attack because NHS chiefs ignored cyber-security recommendations. UK Government holds North Korea responsible.

Why we need to think twice before blaming North Korea for cyber-attacks

Ahead of today's UK attribution of WannaCry to North Korea, Bharat Mistry advises that the reclusive country's internet and computing infrastructure is not as locked-down as we might believe, thus open to outside interference.

North Korean hackers suspected of targeting Nepali bank SWIFT codes

Cyber-criminals used stolen SWIFT codes to transfer money from multiple Nepali banks on 19 October 2017.

War plans including assassination plan stolen by North Korean hackers

North Korean hackers have stolen the joint South Korean-US plans for war with the North, including plans to assassinate North Korean leader Kim Jong Un, according to an FT report quoting South Korea's Democratic party.

Informed and tech savvy North Korean ruling elite regularly online

There are four million 3G-capable mobile devices in North Korea, but only the small group of the most senior leaders and ruling elite are granted direct access to the worldwide internet.

Pyongyang calling: GCHQ also now pins WannaCry on North Korea

Not much is known of the investigation by the NCSC into the attack, but experts disagree on the validity of the claims.

Breaking the mould: Why North Korea is unlikely to be behind the WannaCry attack

Ross Rustici provides insight into why North Korea is unlikely to be the answer to the identity of the WannaCry attack.

North Korea APT and WannaCry linked by multiple independent researchers

If North Korea is behind the 11 May WannaCry attack, it would be the first known time a nation-state sponsored and perpetrated a ransomware attack.

Attack on South Korean "vaccine" router blamed on North Korea

North Korea is suspect number one in an attack against South Korea's cyber command last month, according to a member of the main opposition party, Minjoo.