Thursday, March 28, 2024

U.S.Treasury Sanctions Three North Korean Hackers Group for Attacking on Critical Infrastructure

U.S. Department of the Treasury’s declare sanctions targeting three North Korean state-sponsored hacker group responsible for attacking Critical Infrastructure.

Office of Foreign Assets Control (OFAC) identified that three hacking groups namely “Lazarus Group,” “Bluenoroff,” and “Andariel” are controlled by North Korea’s primary intelligence bureau.

These groups are known for conducting large scale attack targeting government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies, as well as critical infrastructure

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.

Cyber Attacks by North Korean Groups

The Lazarus Group was created as early as 2007, the group involved in massive hack attacks such as 2014 attack on Sony and WannaCry ransomware attack which affected more than 150 countries.

The group also responsible for 2016 Bangladeshi bank attacks and they illegally transfer US $81 Million by placing a custom malware in bank servers.

A subgroup of Lazarus Group dubbed Bluenoroff created the North Korean government to earn revenue illegally by attacking financial institutions and banks.

The Bluenoroff group work together with Lazarus Group and conducted attacks targeting more than 16 organizations across 11 countries including SWIFT messaging system and cryptocurrency exchanges.

The second sub-group of Lazarus Group is Andariel, it was spotted first on 2015 and it conducts malicious activities targeting foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry.

Andariel group focuses on stealing payment cards and hacking into ATMs to withdraw cash and to steal customer information.

“According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.”

Actions Taken

OFAC blocked all property and interests in property of these entities within the control of united states and prohibits U.S. citizens from doing any business with these groups.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles