North Korean hackers are hijacking VS Code projects and fake interviews to deploy StoatWaffle malware, stealing credentials and targeting crypto professionals. Microsoft responds with new security measures.
#North Korean hackers | #StoatWaffle malware | #social engineering
North Korean-linked hackers have launched a sophisticated campaign using spear-phishing and the KakaoTalk messaging app to distribute the EndRAT malware. By exploiting trust networks, they turn victims into unwitting accomplices, illustrating the evolving dangers of socially engineered cyberattacks.
UNC4899, a North Korean threat group, breached a cryptocurrency firm after a developer AirDropped a trojanized file to a work device. The attack exploited cloud weaknesses, DevOps workflows, and lax secrets management, resulting in millions stolen. This feature investigates the methods and lessons from the breach.
#North Korean hackers | #AirDrop vulnerability | #cryptocurrency theft
A sophisticated new campaign dubbed StegaBin has compromised JavaScript developers through 26 malicious npm packages, deploying multi-stage credential stealers and a remote access trojan. Linked to North Korea’s FAMOUS CHOLLIMA group, the attack leverages text steganography and advanced persistence tactics.
North Korean hackers have unleashed a sophisticated attack on the npm ecosystem, hiding remote access malware inside developer packages and using steganography to mask their command infrastructure.
#North Korean hackers | #StegaBin campaign | #credential theft
A sophisticated cyber campaign leverages fake Next.js job repositories to lure developers into executing in-memory malware, exposing sensitive code and credentials. Microsoft links the tactics to North Korean threat actors, highlighting the growing risks in developer recruitment.
#North Korean hackers | #developer malware | #job interview trap
North Korea’s Lazarus Group has adopted Medusa ransomware, launching sophisticated attacks on healthcare and non-profits. This marks a new era where state-backed hackers exploit vulnerable institutions for profit.
North Korea–linked hackers have shifted from simple crypto theft to complex, AI-driven scams, insider infiltration, and even building fake projects to siphon funds. Their evolving playbook has netted billions and now poses an unprecedented threat to the global crypto ecosystem.
North Korean hackers are exploiting developer hiring processes with fake interviews and IT worker personas, using advanced malware and AI-driven tradecraft to infiltrate companies, steal code, and generate sanctions-busting revenue.
#North Korean hackers | #Cybercrime syndicate | #Job interviews
North Korean hackers are targeting crypto developers through fake job interviews and infected code, deploying a backdoor and counterfeit MetaMask wallets to steal digital assets in a sophisticated new campaign.