The US government's IT emergency response team (US-Cert) has released a new report on the latest exploits by North Korea's Hidden Cobra hacking teams.
the updated notice (PDF) details how hacking groups believed to operate on behalf of the isolated government have conducted various hacking operations in recent years to raise money for the sanctions regime. There is currently up to $ 5 million to win for catching North Korean infidels.
Among the claims in the report, hackers to the DPRK (US-Cert uses Hidden Cobra as a catch-all name) launched high-arm businesses to pay them for “protection” and also lent their services to other hacking teams.
“DPRK cyber actors have also carried out extortion campaigns against third country entities by compromising an entity's network and threatening to shut it down unless the entity pays a ransom,” notes US. -Cert.
“In some cases, DPRK cyber actors have demanded payment of victims under long-term paid consultation agreements to ensure that no such malicious cyber activity occurs. Cyber actors in the DPRK have also been paid to hack websites and extort targets for third-party clients. “
US-Cert also notes a number of recent reports on the group, including the UN 2019 Expert group report who determined that the hacking team had probably generated something in the order of $ 2 billion for the despotic regime since its first appearance in 2014 with the Sony hacking.
This crew, known as the Lazarus Group, was also blamed for the Wannacry 2.0 malware and the theft of 81 million dollars from a bank in Bangladesh.
Mentioned in this UN report and highlighted by US-Cert, this was a more recent development in cryptojacking, as crews used their arsenal of malware to start targeting crypto wallets. currency or use compute cycles on infected machines to generate new coins.
FBI awards $ 5 million bonus to suspected Chinese supplier of ADM
“The [UN report] has identified several incidents in which computers infected with cryptojacking malware sent the mined assets – much of the digital currency backed by anonymity (sometimes also called “privacy coins”) – to servers located in the DPRK , including Kim Il Sung University in Pyongyang, “reported US-Cert.
So what is all this for? Well, other than reminding companies that Hidden Cobra is still around and posing a threat to public and private sector companies, US-Cert wanted to let people know that there was still a huge reward for members of the hacking team.
“If you have information about the illegal activities of the DPRK in cyberspace, including past or current operations, providing this information through the State Department's Rewards for Justice program may entitle you to a reward of up to $ 5 million. “
So if you are out of work and expect to spend some time passing the time during the lockdown, there is a lot of money to be had. ®
Office 365 client-to-client migration tips