Report: North Korean hackers stepping up crypto attacks - UPI.com
Meanwhile, Google makes me click on pictures of fire hydrants and traffic lights to prove I'm human.
I'm not sure how any of this works or how North Korean hackers (or any hackers from any country) are able to pull off these massive heists. In recent years, there have been major cyber attacks attributed to Russia and China. They're ostensibly trying to beef up security and so forth, but hackers somehow keep finding ways around whatever security is in place. It seems like a constant battle waged in cyberspace.
It reminds me of the old western trope where the fate of an entire town rests on the outcome of a gun battle between the villain and the good guy - both expert gunfighters, but the good guy is always just a little bit better. And the town is saved.
Is the internet doomed?
SEOUL, Jan. 25 (UPI) -- North Korean hackers are displaying a "startup mentality" as they experiment with new methods to pull off cryptocurrency heists, a report by cybersecurity firm Proofpoint said Wednesday.
The Sunnyvale, Calif.-based firm said a group they identify as TA444, which overlaps with infamous hacker collective Lazarus, launched a massive wave of phishing attacks in December targeting the financial, education, government and healthcare sectors in the United States and Canada.
The group's emails used approaches that differed from tactics researchers had previously associated with them, including efforts to gain users' passwords and login information.
"This sprawling credential harvesting activity is a deviation from normal TA444 campaigns, which typically involve the direct deployment of malware," the report said.
The hackers used email marketing tools to help avoid phishing filters and created content such as job offers and salary adjustments to lure targets. They also relied on social media networking service LinkedIn to engage with victims before delivering links to malware, the researchers said.
Proofpoint said the December spam wave nearly doubled the volume of emails sent by the group for the entire year.
Greg Lesnewich, senior threat researcher at Proofpoint, said in an email that TA444 has a "startup mentality" and is "testing a variety of infection chains to help expand its revenue streams."
"This threat actor rapidly ideates new attack methods while embracing social media as part of their M.O.," he said. "TA444 spearheads North Korea's cashflow generation for the regime by bringing in launderable funds."
North Korea remains under heavy international sanctions and has increasingly turned to cybercrime in an effort to finance its illicit weapons program.
The Pyongyang-affiliated Lazarus Group was behind the stunning theft of more than $600 million in cryptocurrency from an online video game network in March, according to the FBI.