North Korean ScarCruft Group Shifts Strategy: Adding Ransomware to Espionage Operations.

The North Korean state-backed hacking group ScarCruft has significantly evolved its tactics, moving beyond traditional cyber-espionage to incorporate ransomware attacks—marking a notable strategic shift for the group. This development represents a concerning expansion of capabilities that blends intelligence gathering with financially motivated cybercrime.

Arizona woman sentenced to 8 years for aiding North Korean cybercriminals

In a landmark federal court case, Christina Marie Chapman, a 50-year-old resident of Arizona, has been sentenced to 102 months in prison after pleading guilty to helping North Korean IT operatives penetrate the remote networks of more than 300 American businesses. Prosecutors have described the sophisticated fraud operation as one of the largest ever prosecuted involving North Korean cyber schemes targeting the U.S. private sector.

U.S. sanctions North Korean member of the Andariel hacking group for his role in fraudulent IT worker scheme.

The U.S. Department of the Treasury recently imposed sanctions on Song Kum Hyok, a North Korean cyber operative linked to the notorious Andariel hacking group. This action targets his central role in orchestrating a fraudulent IT worker scheme that generated illicit revenue for the North Korean regime, supporting its weapons of mass destruction (WMD) and ballistic missile programs.

Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation

Security researchers have identified a new and sophisticated variant of the KimJongRAT information stealer, notable for its advanced evasion techniques, robust persistence mechanisms, and a novel PowerShell-based implementation. This latest evolution of the KimJongRAT malware family, which first emerged in 2013, demonstrates a heightened focus on stealing both general system data and cryptocurrency assets, leveraging multi-stage delivery chains and legitimate infrastructure to evade detection.