-
North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks
A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the attacker.
- December 09, 2025
- 10:43 AM
0
-
North Korea lures engineers to rent identities in fake IT worker scheme
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising.
- December 02, 2025
- 09:57 AM
5
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
North Korean hackers use EtherHiding to hide malware on the blockchain
North Korean hackers were observed employing the 'EtherHiding' tactic to deliver malware, steal cryptocurrency, and perform espionage with stealth and resilience.
- October 16, 2025
- 10:00 AM
- 0
-
US targets North Korean IT worker army with new sanctions
The U.S. Treasury's Office of Foreign Assets Control (OFAC) has sanctioned two individuals and two companies associated with North Korean IT worker schemes that operate at the expense of American organizations.
- August 28, 2025
- 03:11 PM
- 0
-
US sanctions North Korean firm, nationals behind IT worker schemes
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People's Republic of Korea (DPRK) government.
- July 25, 2025
- 08:40 AM
- 0
-
US disrupts North Korean IT worker "laptop farm" scheme in 16 states
The U.S. Department of Justice (DoJ) announced coordinated law enforcement actions against North Korean government's fund raising operations using remote IT workers.
- July 01, 2025
- 09:56 AM
- 1
-
North Korean IT worker army expands operations in Europe
North Korea's IT workers have expanded operations beyond the United States and are now increasingly targeting organizations across Europe.
- April 01, 2025
- 02:55 PM
- 0
-
US offers $5 million for info on North Korean IT worker farms
The U.S. State Department is offering a reward of up to $5 million for information that could help disrupt the activities of North Korean front companies and employees who generated over $88 million via illegal remote IT work schemes in six years.
- December 12, 2024
- 03:24 PM
- 3
-
US govt sanctions North Korea’s Kimsuky hacking group
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals.
- November 30, 2023
- 05:08 PM
- 2
-
North Korean ransomware attacks on healthcare fund govt operations
A new cybersecurity advisory from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) describes recently observed tactics, techniques, and procedures (TTPs) observed with North Korean ransomware operations against public health and other critical infrastructure sectors.
- February 10, 2023
- 09:35 AM
- 0
-
U.S. doubles reward for tips on North Korean-backed hackers
The U.S. State Department has increased rewards paid to anyone providing information on any North Korean-sponsored threat groups' members to $10 million.
- July 26, 2022
- 11:06 AM
- 1
-
North Korean devs pose as US freelancers to aid DRPK govt hackers
The U.S. government is warning that the Democratic People's Republic of Korea (DPRK) is dispatching its IT workers to get freelance jobs at companies across the world to obtain privileged access that is sometimes used to facilitate cyber intrusions.
- May 17, 2022
- 06:16 PM
- 0
-
North Korean hackers targeting journalists with novel malware
North Korean state-sponsored hackers known as APT37 have been discovered targeting journalists specializing in the DPRK with a novel malware strain.
- April 25, 2022
- 01:51 PM
- 0
-
Ethereum dev imprisoned for helping North Korea evade sanctions
Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People's Republic of Korea (DPRK) with technical info on how to evade sanctions.
- April 12, 2022
- 05:42 PM
- 0
-
North Korean state hackers start targeting the IT supply chain
North Korean-sponsored Lazarus hacking group has switched focus on new targets and was observed by Kaspersky security researchers expanding its supply chain attack capabilities.
- October 26, 2021
- 01:23 PM
- 0
-
Ethereum dev admits to helping North Korea evade crypto sanctions
Cryptocurrency expert Virgil Griffith pled guilty today to assisting the Democratic People's Republic of Korea in evading U.S. sanctions by conspiring to violate the International Emergency Economic Powers Act (IEEPA) and Executive Order 13466.
- September 27, 2021
- 03:14 PM
- 0
-
North Korean hackers use new Vyveva malware to attack freighters
The North Korean-backed Lazarus hacking group used new malware with backdoor capabilities dubbed Vyveva by ESET researchers in targeted attacks against a South African freight logistics company.
- April 08, 2021
- 09:01 AM
- 0
-
US shares info on North Korean malware used to steal cryptocurrency
The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday.
- February 18, 2021
- 10:25 AM
- 0
-
Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit
Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.'
- January 28, 2021
- 02:47 PM
- 0
-
US wants to seize cryptocurrency stolen by North Korean hackers
The U.S. Justice Department today filed a civil forfeiture complaint aiming to seize control of 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korean hackers in attacks against two unnamed cryptocurrency exchanges.
- August 27, 2020
- 05:22 PM
- 0
5
- 1
- 2
