North Korean Hackers Increase Cyber Attacks Worldwide
Published by a joint advisory, threat actors have conducted a cyber espionage campaign targeting the defense sector across the world. These actors aim to seize advanced defense technologies in a “cost-effective” manner and modernize conventional weapons and develop strategical weapon systems including ballistic missiles, reconnaissance satellites, and submarines, an advisory by Germany’s Federal Office for the Protection of the Constitution (BfV) and South Korea’s National Intelligence Service (NIS) disclosed.
Why This Matters
In a hacking incident the infamous Lazarus Group, responsible of social engineering to infiltrate the defense sector, has been ongoing since August 2020. Threat actors create a fake profile or leverage legitimate-but-compromised profiles on platforms like LinkedIn or WhatsApp to launch a recruitment process, leading to the compromise of victim’s computers.
One case concerns intrusive behavior into a defense research center towards the end of 2022, by another North Korean-based threat actor. The breach unfolded over five stages.
t/f Summary: What’s Next
The development comes as blockchain analytics firm Chainalysis revealed that the Lazarus Group has switched to using YoMix bitcoin mixer to launder stolen proceeds following the shutdown of Sinbad indicating their ability to adapt their modus operandi in response to law enforcement actions.