Lazarus Group
Also known as: HIDDEN COBRA, Zinc, Labyrinth Chollima, APT38
North Korean state-sponsored threat group. Associated with bank heists, crypto theft, and the WannaCry ransomware.
Associated Intelligence
US Nationals Sentenced for Aiding N. Korea
Two US nationals have been sentenced to 18 months in prison for operating "laptop farms" that helped North Korean IT workers gain employment at American companies, generating over $1.2 million for Pyongyang's government. The scheme involved nearly 70 US companies, highlighting the risks of unknowingly hiring sanctioned workers. Companies should review their hiring processes to ensure compliance with sanctions.
US Nationals Sentenced for Aiding North Korea
Two US nationals have been sentenced to prison for operating "laptop farms" that helped North Korean IT workers gain remote employment at nearly 70 American companies. The scheme allowed North Korean workers to bypass US sanctions and obtain employment under false pretenses. Companies affected should review their remote hiring processes to prevent similar incidents.
npm Package Malware Discovered
Researchers have found malicious code in the "@validate-sdk/v2" npm package, which is used for utility software development. The malware is believed to be linked to North Korean attackers, and users who have installed the package are advised to take immediate action. Affected users should remove the package and monitor their systems for suspicious activity.
Lazarus Targets macOS
Lazarus, a North Korean threat actor, has been targeting macOS users through the ClickFix malware, focusing on Mac-centric organizations and their high-value leaders. The attacks aim to gain initial access and steal sensitive data. Users should exercise caution when interacting with suspicious links or files.
Lazarus APT Steals $290M
The Lazarus Group, a North Korea-linked APT, has stolen $290 million from Kelp DAO, a decentralized finance protocol on the Ethereum ecosystem, by exploiting LayerZero. The attempted theft of an additional $95 million was thwarted. Users of Kelp DAO and other DeFi protocols should be cautious of potential phishing attacks and monitor their accounts for suspicious activity.
Lazarus Group Steals $290m in Crypto
North Korea
North Korean Operatives Infiltrate Job Interviews
North Korean operatives are using fake identities and AI tools to pass job interviews, potentially infiltrating companies. Organizations can take steps to detect these attempts, such as conducting basic video checks and requiring in-person interviews. By
NK targets macOS users
North Korean attackers are using social engineering tactics to trick macOS users into installing malware, potentially stealing credentials and cryptocurrency. The attackers are disguising the malware as a fake Zoom software update. Users should be cautious when receiving software update notifications and verify the
US Nationals Jailed for Aiding N. Korea Scams
Two US nationals have been jailed for operating fake remote worker laptop farms
US Nationals Jailed for N. Korea IT Scam
Two US nationals have been sentenced to a combined 200 months in prison for their role in a North Korea-led IT worker scam that generated $5 million in fraudulent revenue. The scam targeted Fortune 500 companies and a US defense contractor over a four-year period. Affected organizations should review their IT hiring processes to prevent similar scams.
US Nationals Jailed for North Korea Scheme
Two US nationals have been sentenced for their role in a scheme that placed North Korean IT workers inside American companies under false identities, generating over $5 million for the North Korean regime. The operation used stolen identities from at least 80 US individuals over several years. Companies should review their hiring processes
US Nationals Jailed for Aiding DPRK IT Workers
Two US nationals have been sentenced to prison for assisting North Korean IT workers in posing as US residents to gain employment with over 100 US companies, including Fortune 500 firms. The scheme allowed these workers to access sensitive information and systems. Companies that hired these workers should review their security protocols and monitor for potential breaches.