North Korea
Cybercrime Surge in Asia-Pacific: China and North Korea–Linked Groups Intensify Financial Sector Attacks
What happened Cyber-threat groups linked to China and North Korea continue to heavily target financial services and cryptocurrency ecosystems across the Asia-Pacific region, according to CrowdStrike’s 2026 Financial Services Threat Landscape Report ...
North Korean Hackers Targeted Ethnic Koreans in China With Android Malware
What happened ESET researchers have attributed a supply chain attack on a mobile gaming platform to APT37, a North Korean espionage group operating since 2012 and allegedly housed within North Korea’s Ministry ...
North Korea’s Enormous Crypto Hacks Redefine Scale and Strategy
A pair of tightly executed cyberattacks have become milestones in cryptocurrency theft in 2026 due to their sheer size. These two incidents, targeting Drift Protocol and KelpDAO, account for roughly three quarters ...
Spyware Makers Topped Google’s List of Zero-Day Exploits for the First Time in 2025
For the first time, spyware makers topped Google's list of organizations that exploited zero-day flaws in 2025, overtaking nation-state actors from China, Russia, and elsewhere and continuing a trends that Google researchers ...
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
An Arizona woman was sentenced to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers. From an article: According to court ...
North Korean Hackers Steal $1.5B in Cryptocurrency
It looks like a very sophisticated attack against the Dubai-based exchange Bybit: Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The ...
North Korean Hackers Stole $1.34 Billion in Crypto in 2024
North Korean hackers stole $1.34 billion in cryptocurrency in 2024, more than half of the $2.2 billion stolen in all crypto hacks, and the attacks by threat groups linked to the rogue ...
WTH? DPRK WFH Ransomware Redux: 3rd Person Charged
North Korean army of remote IT workers enabled by Matthew Isaac Knoot, alleges DoJ ...
Emulating the Politically Motivated North Korean Adversary Andariel – Part 2
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the North Korean state-sponsored adversary Andariel during Operation Blacksmith which affected manufacturing, agricultural and physical security companies in multiple ...
Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea ...
