HomeUpdatehow a North Korean suspect is linked to cyberattacks campaigns
Update

how a North Korean suspect is linked to cyberattacks campaigns

Nidhi Khandelwal
By Nidhi Khandelwal

-

Last Updated on 23/11/2021 by Nidhi Khandelwal

A North Korean-connected threat actor has been linked to a wave of credential theft campaigns aimed at research, education, government, media, and other organisations, with two of the assaults also attempting to spread malware that may be used for intelligence gathering.

The infiltrations were attributed to a group known as TA406 by enterprise security firm Proofpoint, as well as by the wider threat intelligence community under the names Kimsuky (Kaspersky), Velvet Chollima (CrowdStrike), Thallium (Microsoft), Black Banshee (PwC), ITG16 (IBM), and the Konni Group (Cisco Talos).

how a North Korean suspect is linked to cyberattacks campaigns 1

Weekly campaigns targeting policy experts, journalists, and nongovernmental organisations (NGOs) were observed between January and June 2021, according to Proofpoint researchers Darien Huss and Selena Larson, who detailed the actor’s tactics, techniques, and procedures (TTPs) in a technical report. The attacks were spread across North America, Russia, China, and South Korea.

According to Proofpoint analysts Darien Huss and Selena Larson, who outlined the actor’s tactics, methods, and procedures (TTPs) in a technical study, weekly campaigns targeting policy experts, journalists, and nongovernmental organisations (NGOs) were seen between January and June 2021. North America, Russia, China, and South Korea were all hit by the strikes.

how a North Korean suspect is linked to cyberattacks campaigns 2

According to a public alert issued by the US Cybersecurity and Infrastructure Security Agency (CISA) in October 2020, the group is known for luring targets in with convincing social engineering schemes and watering hole attacks before sending them malware-infected payloads or duping them into submitting sensitive credentials to phishing sites.

The group is known for luring targets in with convincing social engineering schemes and watering hole attacks before sending malware-infected payloads or duping them into submitting sensitive credentials to phishing sites, according to a public alert issued by the US Cybersecurity and Infrastructure Security Agency (CISA) in October 2020.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

Ai

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Candeğer Şen - 0
Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...
ai-gaming-industry

How AI is Transforming the Gaming Industry in 2023

Using Predictive Analytics to Make Better Business Decisions in 2023

ml-time series forecast

How Machine Learning is Revolutionizing Time Series Forecasting

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY

© Reserved 2023 | TheDigitalHacker | Recipes in Hindi | What Best in Canada