North Korea massively steals the credentials of foreign civil servants


    A North Korean nation-state group notorious for its crypto heists has been credited with a new wave of malicious email attacks.

    The TA444 group (also known as APT38, BlueNoroff, Copernicium and Stardust Chollima) uses a wide range of malware delivery methods. Its arsenal includes blockchain-related bait, fake job opportunities at prestigious firms, quick money, etc.

    TA444 attacks also often use phishing emails tailored to the interests of the victim. As usual, these contain seemingly harmless .lnk shortcut files or .iso optical disc images that are in fact malware in disguise.

    Other TA444 tactics include using compromised LinkedIn accounts belonging to legitimate company executives to contact and interact with targets to spread decoy links.

    In the group's later campaigns, in December of last year, the attack vector changed considerably. TA444 distributed phishing messages that prompted recipients to visit a URL that redirected them to a credential harvesting page (the "Credential Harvesting" method).

    December's malicious mailings primarily affected government agencies in the United States and Canada. Apparently, TA444 plans to use the collected data in a future wave of attacks.

    North Korea is increasingly involved in cybercrime related to cryptocurrency and in attacks on government structures in different countries. Recall that in June last year, the FBI accused the North Korean groups Lazarus and BlueNoroff (aka TA444) of stealing $100 million in cryptocurrency from the Harmony Horizon Bridge. And in October, international investigators expressed concern that cryptocurrency stolen by hackers from the DPRK was being used to finance nuclear weapons.

    Greg Lesnevich of Proofpoint stated, “With a startup mentality and passion for cryptocurrencies, TA444 is leading North Korea’s cash flow generation by raising money that can be laundered.”
    “These attackers are rapidly coming up with new attack methods using social media as part of their modus operandi,” Lesnevich added.
    Author DeepWeb