North Korean hackers behind custom ransomware attack targeting wealthy groups | NK News
July 15, 2024
News

North Korean hackers behind custom ransomware attack targeting wealthy groups

A new report by Kaspersky Labs suggests North Korean hackers are following “big game hunting” hacking trends

North Korean state-sponsored hackers are implicated in a custom ransomware strain targeting wealthy companies, researchers from cybersecurity firm Kaspersky Labs said in a report published on Tuesday. If true, the series of attacks follow a larger cybercrime trend of ransomware-deploying groups pivoting from indiscriminate attacks with low payouts to more laborious, high-reward target operations going after wealthy organizations.

Kaspersky attributed a new strain of ransomware called VHD to the Lazarus Group, a constellation of hackers working on behalf of Pyongyang. Kaspersky found similar Tactics, Techniques, and Procedures (TTP) seen in previous Lazarus operations, as well as the use of Lazarus-linked MATA malware to install VHD onto victim computers.

Become a member for less
than $5.75 per week.

  • Unlimited access to all of NK News: reporting, investigations, analysis
  • The NK News Daily Update, an email newsletter to keep you in the loop
  • Searchable archive of all content, photo galleries, special columns
  • Contact NK News reporters with tips or requests for reporting
Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.
Subscribe now

All major cards accepted. No commitments – you can cancel any time.