Friday, March 29, 2024

U.S.Treasury Sanctions Three North Korean Hackers Group for Attacking on Critical Infrastructure

U.S. Department of the Treasury’s declare sanctions targeting three North Korean state-sponsored hacker group responsible for attacking Critical Infrastructure.

Office of Foreign Assets Control (OFAC) identified that three hacking groups namely “Lazarus Group,” “Bluenoroff,” and “Andariel” are controlled by North Korea’s primary intelligence bureau.

These groups are known for conducting large scale attack targeting government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies, as well as critical infrastructure

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.

Cyber Attacks by North Korean Groups

The Lazarus Group was created as early as 2007, the group involved in massive hack attacks such as 2014 attack on Sony and WannaCry ransomware attack which affected more than 150 countries.

The group also responsible for 2016 Bangladeshi bank attacks and they illegally transfer US $81 Million by placing a custom malware in bank servers.

A subgroup of Lazarus Group dubbed Bluenoroff created the North Korean government to earn revenue illegally by attacking financial institutions and banks.

The Bluenoroff group work together with Lazarus Group and conducted attacks targeting more than 16 organizations across 11 countries including SWIFT messaging system and cryptocurrency exchanges.

The second sub-group of Lazarus Group is Andariel, it was spotted first on 2015 and it conducts malicious activities targeting foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry.

Andariel group focuses on stealing payment cards and hacking into ATMs to withdraw cash and to steal customer information.

“According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.”

Actions Taken

OFAC blocked all property and interests in property of these entities within the control of united states and prohibits U.S. citizens from doing any business with these groups.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles