In April 2025, a report by Mandiant revealed that multiple North Korean hacker groups are increasingly targeting the cryptocurrency and Web3 sectors. Their motives appear to be financially driven, with operations aimed at stealing digital assets, potentially to fund the country’s weapons programs. Notable threat clusters, like UNC1069 and UNC4899, employ social engineering tactics such ...
North Korea has recently conducted a nationwide survey on electronic payments, revealing a growing demand in urban areas like Pyongyang, while cash transactions remain prevalent in the provinces. The Central Bank organized the survey to understand payment habits, and results showed a significant increase in mobile payment app usage, particularly among younger people. Cities like ...
North Korea’s cyber capabilities have advanced significantly, moving beyond simple hacking to sophisticated operations that include manipulating public opinion, stealing military technology, and cryptocurrency theft. The regime established the “227 Research Center” for real-time responses to international hacking threats, highlighting the importance of cyber warfare for its survival. North Korea’s cyber operatives are focused on ...
The Lazarus Group, a hacking organization linked to North Korea, now holds more bitcoin than Tesla, the electric vehicle giant. According to Arkham Intelligence, Lazarus possesses 13,441 BTC, valued at $1.14 billion, which is 16% more than Tesla’s 11,509 BTC. Recently, Lazarus executed a significant hack on the crypto exchange Bybit, stealing $1.4 billion in ...
North Korea has emerged as a major player in the cryptocurrency world, reportedly owning 13,562 bitcoins valued at about $1.14 billion. This places the country third globally in government-held bitcoin reserves, following the United States and Britain. The surge in North Korea’s crypto holdings is linked to a massive $1.5 billion theft carried out by ...
A North Korean hacking group, known as the Lazarus Group, has successfully stolen about $300 million from the cryptocurrency exchange ByBit as part of a larger $1.5 billion heist. This notorious group specializes in hacking and is now funneling stolen funds, likely to support the North Korean military. Experts warn that tracking and recovering the ...
Malware targeting macOS is becoming more common, particularly from North Korean hackers who are using sophisticated methods to steal sensitive data. Recent investigations uncovered two types of malware: RustDoor and a new variant of Koi Stealer, both disguised as legitimate software updates. These attackers often pose as job recruiters to lure software developers into downloading ...
Freelance software developers are facing a serious threat from a hacking campaign linked to North Korea, known as DeceptiveDevelopment. This campaign uses job interview scams to distribute malicious software like BeaverTail and InvisibleFerret, which aim to steal cryptocurrency and sensitive login information. Researchers at ESET reported that attackers target platforms like Upwork and Freelancer, using ...
North Korea’s Lazarus Group has launched a new cyber attack campaign called Operation 99, targeting software developers in the Web3 and cryptocurrency sectors. This scheme involves fake recruiters on platforms like LinkedIn, enticing developers with seemingly legitimate projects that lead them to harmful GitLab repositories. Once cloned, these repositories contain malware that connects to command-and-control ...
A hacker group linked to North Korea, called TraderTraitor, stole approximately 48.2 billion yen, or about $307 million, from the Tokyo-based cryptocurrency exchange DMM Bitcoin Co. in May. Japanese police, along with the U.S. Department of Defense and FBI, identified the group and traced the stolen bitcoin to them. An investigation revealed that a DMM ...
