North Korean Hackers Now A Global Threat

Cybersecurity company FireEye Inc. recently released an official notice stating that a North Korean cyber-spy group, “Reaper”, is conducting espionage beyond the Korean Peninsula and moving into more territories, all in support of Pyongyang’s military. The group is also known as APT37 and is emerging as a global threat.
FireEye’s report on APT37 states:
“Read our report, APT37 (Reaper): The Overlooked North Korean Actor, to learn more about our assessment that this threat actor is working on behalf of the North Korean government, as well as various other details about their operations:
  • Targeting: Primarily South Korea – though also Japan, Vietnam, and the Middle East – in various industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive, and healthcare.
  • Initial Infection Tactics: Social engineering tactics tailored specifically to desired targets, strategic web compromises typical of targeted cyber espionage operations, and the use of torrent file-sharing sites to distribute malware more indiscriminately.
  • Exploited Vulnerabilities: Frequent exploitation of vulnerabilities in Hangul Word Processor (HWP), as well as Adobe Flash. The group has demonstrated access to zero-day vulnerabilities (CVE-2018-0802), and the ability to incorporate them into operations.
  • Command and Control Infrastructure: Compromised servers, messaging platforms, and cloud service providers to avoid detection. The group has shown increasing sophistication by improving their operational security over time.
  • Malware: A diverse suite of malware for initial intrusion and exfiltration. Along with custom malware used for espionage purposes, APT37 also has access to destructive malware.”
For more details, you can go through the full report published
Cybersecurity has always been a primary concern for IT companies worldwide, and as the reach of the internet expands, so do the threats and adversaries. Adversaries of this kind are a real danger to a healthy internet society. We hope their activities are monitored closely so that possible cybercrimes can be avoided in the future.