Lazarus, Kimsuky Conduct 58 Attacks Targeting South Korea


The North Korean hacking group Lazarus, affiliated with the Reconnaissance General Bureau, is strongly suspected to be behind a 4.45 billion Korean won hacking incident at the virtual asset exchange Upbit.

It has been confirmed that Lazarus carried out at least 31 hacking attacks over the past year. According to AhnLab’s “2025 Cyber Threat Trends & 2026 Security Outlook” report released on the 30th, Lazarus was the most frequently mentioned APT (Advanced Persistent Threat) group, with 31 activities recorded between October of last year and September of this year.

Source: The Chosun Daily News

