Cyberattack links North Korean hackers to ransomware used for extortions
Researchers suspect collaboration between Lazarus Group and criminals behind the TFlower extortion campaign
A newly discovered connection between North Korea-linked malware and a recent type of ransomware suggests that the DPRK is attempting to scale its cybercrime operations, security firm Sygnia wrote in a report on Friday.
Researchers at the company said they found that a new variant of the malicious software framework MATA, which had previously been linked to North Korea’s Lazarus Group, was used to install the TFlower ransomware. TFlower is a piece of malware created by hackers calling themselves the “TFlower Group,” which was not known to be affiliated with the DPRK.
- 01With only a year left, Moon pitches American public on his hope for peace
- 02How renewed North Korean border trade will affect currency, food and fuel
- 03How Kim Jong Un’s crackdown on foreign culture hurts Korean reconciliation
- 04North Korea is ordering small-time secretaries to clean up its ideological mess
- 05North Korea faces uncertain future after mass exodus of UN and foreign NGO staff
- 06South Korea’s right-wing resurgence spells uncertainty for North Korea policy
- 07Why North Korea’s Olympic withdrawal is about much more than public health
- 08How Chinese netizens reacted to North Korea’s contentious ballistic missile test