CyberSecurity updates
2025-01-19 14:07:38 Pacific

North Korea Steals $659M in Crypto in 2024 - 3d

North Korean state-sponsored hackers were responsible for over $659 million in cryptocurrency heists during 2024. These actors use increasingly sophisticated methods, including fake job postings, to conduct these attacks. This highlights the global threat and financial impact of North Korea’s cyber activities.

North Korean Hackers Target Blockchain Industry Globally - 3d

The United States, Japan, and South Korea have issued a joint warning about the increasing cyber threats posed by state-sponsored North Korean hackers. These threat actors are targeting not only the US, Japan, and South Korea but also the broader international community, with a particular focus on the blockchain industry. The attacks are conducted for financial gain and support the North Korean government. This heightened activity is a major concern for international security agencies, which need to work closely together to prevent further attacks.

RedDelta Chinese APT Cyber Espionage Operations - 9d

The Chinese state-sponsored group RedDelta has been actively targeting Mongolia, Taiwan, and Southeast Asia since July 2023. The group continues to evolve the techniques it uses to distribute its customized PlugX backdoor. RedDelta employs spearphishing with lure documents themed around political and cultural events, and it has compromised government and diplomatic organizations in multiple countries using adapted infection chains. These chains rely on Windows Shortcut (LNK) files, Microsoft Management Console Snap-In Control (MSC) files, and HTML files hosted on Microsoft Azure. The group also uses the Cloudflare CDN to proxy command-and-control (C2) traffic so that it blends in with legitimate network activity, which complicates victim identification.

HiatusRAT Malware Targets Webcams and DVRs - 1d

The FBI has issued a warning about a new HiatusRAT malware campaign that is targeting web cameras and DVRs, particularly those made by Chinese manufacturers. The attackers are exploiting weaknesses such as weak default passwords and are using tools like Ingram and Medusa to gain unauthorized access. Once compromised, the devices are used as proxies and converted into covert communication channels. This campaign is targeting IoT devices in the US, Australia, Canada, New Zealand, and the UK. System administrators are urged to limit the use of the affected devices or isolate them from the rest of the network to prevent further exploitation.