Cyberattack links North Korean hackers to ransomware used for extortions
Researchers suspect collaboration between Lazarus Group and criminals behind the TFlower extortion campaign
A newly discovered connection between North Korea-linked malware and a recent type of ransomware suggests that the DPRK is attempting to scale its cybercrime operations, security firm Sygnia wrote in a report on Friday.
Researchers at the company said they found that a new variant of the malicious software framework MATA, which had previously been linked to North Korea’s Lazarus Group, was used to install the TFlower ransomware. TFlower is a piece of malware created by hackers calling themselves the “TFlower Group,” which was not known to be affiliated with the DPRK.
- 01How North Korea’s ‘use-it-or-lose-it’ power grid impacts energy trade
- 02On North Korea, China’s ‘wolf warriors’ speak more like doves
- 03Timeline: From COVID-19 vaccines to preparations to reopen North Korea’s border
- 04How has COVID-19 impacted North Korean market prices?
- 05Juche H-bomb: North Korea’s efforts to tie self-reliance to its nuclear weapons
- 06North Korea reels in cash from fishing permits this year, despite UN ban
- 07Why America is fighting a losing battle against North Korean cyber crime
- 08North Korea warily eyes the markets that now dominate food distribution