North
-
Blog
New North Korean Android spyware slips onto Google Play
A new Android spyware named ‘KoSpy’ is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps. According to Lookout researchers, the spyware is attributed to the North Korean threat group APT37 (aka ‘ScarCruft’). The campaign has been active since March 2022, with the threat actors actively developing the…
Read More » -
Blog
North Korean Lazarus hackers infect hundreds via npm packages
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. The packages, which have been downloaded 330 times, are designed to steal account credentials, deploy backdoors on compromised systems, and extract sensitive cryptocurrency information. The Socket Research Team discovered the campaign, which linked it to previously known Lazarus supply chain operations.…
Read More » -
Blog
North Korean hackers join Qilin ransomware gang
Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of recent attacks. “Since late February 2025, Microsoft has observed Moonstone Sleet, a North Korean state actor, deploying Qilin ransomware at a limited number of orgs,” the company’s threat intelligence experts said this week “Moonstone Sleet has previously exclusively deployed their…
Read More » -
Blog
OpenAI bans ChatGPT accounts used by North Korean hackers
OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. “We banned accounts demonstrating activity potentially associated with publicly reported Democratic People’s Republic of Korea (DPRK)-affiliated threat actors,” the company said in its February 2025 threat intelligence report. “Some of these accounts engaged in…
Read More » -
Blog
North Carolina law firm notifies 13K people of data breach that compromised SSNs
Yesterday, Mewborn & DeSelms, Attorneys at Law began notifying 12,941 people of a data breach following a cyber attack in April 2024. Ransomware gang BlackSuit claimed an attack on the North Carolina law firm in May 2024. In its notification, Mewborn & DeSelms states: “On April 2, 2024, Mewborn & DeSelms identified a network disruption and promptly initiated an investigation…
Read More » -
Blog
North One Business Banking Review: Key Features & Costs
North One North One is a financial technology company and not a bank. Banking services are provided by The Bancorp Bank, N.A; Member FDIC. is a financial technology (fintech) company that offers small business owners savings from typical account fees by charging no monthly fees and having no minimum balance requirements. It also has various business tools through integration with…
Read More » -
Blog
FBI issues guidance for enterprises as fake North Korean IT workers wreak havoc
The FBI has issued fresh guidance aimed at helping organizations combat the threats posed by fake North Korean IT workers after a spate of incidents. In its latest efforts to stamp out the scam whereby North Korean hackers pose as legitimate remote IT workers, the FBI said they are continuing to target US-based businesses. “In recent months, in addition to…
Read More » -
Blog
DOJ indicts North Korean conspirators for remote IT work scheme – Computerworld
The US Department of Justice this week announced that it had indicted two North Korean nationals and three other men, accusing them of participating in a conspiracy designed to trick US companies into funding the North Korean regime. According to the indictment, which was filed in federal court in Miami, the scheme leveraged stolen identity documents and paid henchmen in…
Read More » -
Blog
North Korean IT workers steal source code to extort employers
The FBI warned today that North Korean IT workers are abusing their access to steal source code and extort U.S. companies that have been tricked into hiring them. The security service alerted public and private sector organizations in the United States and worldwide that North Korea’s IT army will facilitate cyber-criminal activities and demand ransoms not to leak online exfiltrated…
Read More » -
Blog
US cracks down on North Korean IT worker army with more sanctions
The U.S. Treasury Department has sanctioned a network of individuals and front companies linked to North Korea’s Ministry of National Defense that have generated revenue via illegal remote IT work schemes. “The DPRK continues to rely on its thousands of overseas IT workers to generate revenue for the regime, to finance its illegal weapons programs, and to enable its support…
Read More »