Hackers claim to have compromised the computer of a North Korean government hacker and leaked its contents online, offering a rare window into a hacking operation by the notoriously secretive nation.
The two hackers, who go by Saber and cyb0rg, published a report about the breach in the latest issue of Phrack magazine, a legendary cybersecurity e-zine that was first published in 1985. The two hackers wrote that they were able to compromise a workstation containing a virtual machine and a virtual private server belonging to the hacker, whom they call “Kim.” The hackers claim Kim works for the North Korean government espionage group known as Kimsuky, also known as APT43 and Thallium.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US government warns of North Korean hackers targeting banks worldwide
August 26, 2020
North Korean hackers tracked as BeagleBoyz have been using malicious remote access tools as part of ongoing attacks to steal millions from international banks according to a joint advisory issued today by several U.S. Government agencies. The joint release says that North Korea’s BeagleBoyz hacking group has once again started robbing banks through remote internet access ...
- Lazarus group strikes cryptocurrency firm through LinkedIn job adverts
August 25, 2020
The Lazarus group is on the hunt for cryptocurrency once more and has now launched a targeted attack against a crypto organization by exploiting the human element of the corporate chain. On Tuesday, cybersecurity researchers from F-Secure said the cryptocurrency organization is one of the latest victims in a global campaign which has targeted businesses in ...
- US govt exposes new North Korean BLINDINGCAN backdoor malware
August 19, 2020
U.S. government agencies today published a malware analysis report exposing information on a remote access trojan (RAT) malware used by North Korean hackers in attacks targeting government contractors. The malware was identified by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) and is known as known BLINDINGCAN. The trojan was attributed ...
- US defense and aerospace sectors targeted in new wave of North Korean attacks
July 30, 2020
Tracked under the codename of “Operation North Star,” McAfee said these attacks have been linked to infrastructure and TTPs (Techniques, Tactics, and Procedures) previously associated with Hidden Cobra — an umbrella term the US government uses to describe all North Korean state-sponsored hacking groups. As for the attacks themselves, McAfee said they were run-of-the-mill spear-phishing emails ...
- North Korean hackers infect real 2FA app to compromise Macs
May 9, 2020
Hackers have hidden malware in a legitimate two-factor authentication (2FA) app for macOS to distribute Dacls, a remote access trojan associated with the North Korean Lazarus group. Dacls has been used to target Windows and Linux platforms and the recently discovered RAT variant for macOS borrows from them much of the functionality and code. The threat actor planted the ...
- US offers $5 million reward for information on North Korean hackers
April 15, 2020
The US government is willing to pay up to $5 million for information on North Korea’s hackers and their ongoing hacking operations. The reward for reporting North Korean hackers was announced today in a joint report published by the Departments of State, Treasury, Homeland Security, and the Federal Bureau of Investigation. The joint report contains a summary ...