
North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks

January 25, 2023


A North Korean nation-state group notorious for crypto heists has been linked to a new wave of malicious email attacks as part of a “sprawling” credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy.

The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as APT38, BlueNoroff, Copernicium, and Stardust Chollima.


TA444 is “utilizing a broader range of delivery methods and payloads alongside blockchain-related lures, fake job opportunities at prestigious companies, and income changes to ensnare victims,” the enterprise security firm said in a report shared with The Hacker News.

The advanced persistent threat is something of an aberration among state-sponsored groups in that its operations are financially motivated and geared toward generating illicit revenue for the Hermit Kingdom.

To that end, the attacks employ phishing emails, typically tailored to the victim’s interests, that are laden with malware-laced attachments such as LNK files and ISO optical disk images to trigger the infection chain.

Other tactics include the use of compromised LinkedIn accounts belonging to legitimate company executives to approach and engage with targets prior to delivering booby-trapped links.

More recent campaigns in early December 2022, however, have witnessed a “substantial deviation,” wherein the phishing messages prompted the recipients to click on a URL that redirected to a credential harvesting page.

The email blast targeted several verticals besides the financial sector, including education, government, and healthcare, in the U.S. and Canada.

The experimentation aside, TA444 has also been observed expanding the functionality of CageyChameleon (aka CabbageRAT) to further aid in victim profiling, while also maintaining a wide arsenal of post-exploitation tools to facilitate theft.

“In 2022, TA444 took its aim on cryptocurrencies to a new level and has taken to mimicking the cybercrime ecosystem by testing a variety of infection chains to help grow its revenue streams,” Proofpoint said.

The findings come as the U.S. Federal Bureau of Investigation (FBI) accused the BlueNoroff actors of carrying out the theft of $100 million in crypto from Harmony Horizon Bridge in June 2022.

“With a startup mentality and an enthusiasm for cryptocurrency, TA444 spearheads North Korea’s cash flow generation for the regime by bringing in launderable money,” Proofpoint’s Greg Lesnewich said. “This threat actor swiftly ideates new attack approaches while embracing social media as part of their [modus operandi].”

The group “remains engaged in its endeavours to use cryptocurrency as a vehicle to supply usable cash to the regime,” the company added.



Some parts of this article are sourced from:
thehackernews.com
