Friday, December 27, 2024
HomeCyber AttackU.S.Treasury Sanctions Three North Korean Hackers Group for Attacking on Critical Infrastructure

U.S.Treasury Sanctions Three North Korean Hackers Group for Attacking on Critical Infrastructure

Published on

SIEM as a Service

U.S. Department of the Treasury’s declare sanctions targeting three North Korean state-sponsored hacker group responsible for attacking Critical Infrastructure.

Office of Foreign Assets Control (OFAC) identified that three hacking groups namely “Lazarus Group,” “Bluenoroff,” and “Andariel” are controlled by North Korea’s primary intelligence bureau.

These groups are known for conducting large scale attack targeting government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies, as well as critical infrastructure

- Advertisement - SIEM as a Service

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.

Cyber Attacks by North Korean Groups

The Lazarus Group was created as early as 2007, the group involved in massive hack attacks such as 2014 attack on Sony and WannaCry ransomware attack which affected more than 150 countries.

The group also responsible for 2016 Bangladeshi bank attacks and they illegally transfer US $81 Million by placing a custom malware in bank servers.

A subgroup of Lazarus Group dubbed Bluenoroff created the North Korean government to earn revenue illegally by attacking financial institutions and banks.

The Bluenoroff group work together with Lazarus Group and conducted attacks targeting more than 16 organizations across 11 countries including SWIFT messaging system and cryptocurrency exchanges.

The second sub-group of Lazarus Group is Andariel, it was spotted first on 2015 and it conducts malicious activities targeting foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry.

Andariel group focuses on stealing payment cards and hacking into ATMs to withdraw cash and to steal customer information.

“According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.”

Actions Taken

OFAC blocked all property and interests in property of these entities within the control of united states and prohibits U.S. citizens from doing any business with these groups.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a...

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated...

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms...

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated...

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms...

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo...