North Korea

Pierluigi Paganini February 05, 2018
Cisco and FireEye Pointing Finger at North Korea Hacking Group For Adobe Flash 0-Day In The Wild

According to security researchers at Cisco and FireEye a North Korea Hacking Group is behind the attacks that exploited the recently discovered Adobe Flash 0-Day vulnerability. There have been over 1,000 Adobe Flash vulnerabilities since it was released. Designed to make website development easier and providing additional features not supported by standard web browsers, it also adds […]

Pierluigi Paganini February 01, 2018
South Korea Warns of Flash Zero-Day flaw exploited by North Korea in surgical attacks

South Korea’s Internet & Security Agency (KISA) is warning of a Flash zero-day vulnerability that has reportedly been exploited in attacks by North Korea’s hackers. According to the alert published by the KISA, the vulnerability affects the latest Flash Player version 28.0.0.137 and earlier. The zero-day vulnerability could be exploited by an attack by tricking […]

Pierluigi Paganini January 25, 2018
A look into the cyber arsenal used by Lazarus APT hackers in recent attacks against financial institutions

Security experts at Trend Micro have analyzed malware and a tool used by the Lazarus APT group in the recent attacks against financial institutions. Security experts at Trend Micro have analyzed the attacks conducted by the notorious Lazarus APT group against financial institutions. The activity of the Lazarus Group surged in 2014 and 2015, its […]

Pierluigi Paganini January 09, 2018
Experts spotted Monero cryptominer sending currency to North Korean University

Security researchers at AlienVault labs recently analyzed an application compiled on Christmas Eve 2017 that is an installer for a Monero cryptocurrency miner. The mined Monero coins are sent to Kim Il Sung University in Pyongyang, North Korea, but experts noted that the developers might not be of North Korean origins. The KSU is an unusually open University, it is attended […]

Pierluigi Paganini December 19, 2017
South Korea cryptocurrency exchange Youbit shuts down after second hack in 2017

The South Korea Cryptocurrency Exchange Youbit has gone bankrupt after suffering a major cyber attack for the second time this year. The South Korea Cryptocurrency Exchange Youbit shuts down after suffering a major cyber attack for the second time this year. The company announced bankrupt on Tuesday after being hacked for the second time in the last eight months, […]

Pierluigi Paganini December 15, 2017
Lazarus APT Group targets a London cryptocurrency company

Security experts from Secureworks revealed the Lazarus APT group launched a spearphishing campaign against a London cryptocurrency company. The dreaded Lazarus APT group is back and launched a spearphishing campaign against a London cryptocurrency company to steal employee credentials. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks […]

Pierluigi Paganini November 15, 2017
US DHS and FBI share reports on FALLCHILL and Volgmer malware used by North Korean Hidden Cobra APT

US DHS published the details of the malware FALLCHILL and Volgmer used by the APT group Hidden Cobra that is linked to the North Korean government. The US Department of Homeland Security (DHS) published the details of the hacking tool FALLCHILL used one of the APT group linked to the North Korean government tracked as Hidden Cobra (aka Lazarus Group). […]

Pierluigi Paganini October 27, 2017
UK Government links the WannaCry attack that crippled NHS to North Korea

UK Government blamed North Korea for the WannaCry attack that affected a third of English hospitals. “This attack, we believe quite strongly that it came from a foreign state,” Ben Wallace, a junior minister for security, told BBC Radio 4’s Today programme. “North Korea was the state that we believe was involved in this worldwide attack,” […]

Pierluigi Paganini October 09, 2017
North Korea hackers threaten Irish companies with ‘almost daily’ attacks

State-sponsored hackers from North Korea are launching almost daily attacks on Irish companies and critical infrastructure North Korean state-sponsored hackers are launching almost daily attacks on Irish companies and critical infrastructure, they are also suspected to be responsible for the €4.3m cyber heist on Meath County Council in October 2016. Ireland is considered a privileged […]

Pierluigi Paganini October 05, 2017
Russian firm provides North Korea with second Internet route

Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime. North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber […]