North Korean hackers breached top Russian missile maker
Date:
Tue, 08 Aug 2023 09:08:30 +0000
Description:
Two separate North Korean groups were targeting the same Russian entity - one building military rockets.
FULL STORY ======================================================================
Russia and North Korea may reportedly be allies on paper, but in the real world, this may not be as concrete, as two North Korean state-sponsored
threat actors have been found targeting an important Russian missile engineering company.
Cybersecurity researchers from SentinelOne discovered two groups, ScarCruft and Lazarus Group, targeting NPO Mashinostroyeniya. ScarCruft managed to compromise sensitive internal IT infrastructure, including an email server.
Lazarus, on the other hand, used a Windows backdoor known as OpenCarrot. The former is under the direct command of the Ministry of State Security, while the latter answers to the Reconnaissance General Bureau (RGB), the country's main foreign intelligence service.
OpenCarrot
OpenCarrot is a versatile piece of malware, the researchers further explained, capable of full compromise. It sports 25 different commands, allowing the threat actors to spy on its victims, edit file systems, and operate multiple mechanisms of communication.
"With a wide range of supported functionality, OpenCarrot enables full compromise of infected machines, as well as the coordination of multiple infections across a local network," said security researchers Tom Hegel and Aleksandar Milenkoski.
In hindsight, the choice of target isn't that surprising, knowing that North Korea is investing heavy resources into developing its highly controversial missile program which, among other things, resulted in countless
international sanctions. NPO Mashinostroyeniya, on the other hand, is a
rocket design bureau based in Reutov, the media say. It was blacklisted by
the U.S. Department of Treasury back in 2014, due to "Russia's continued attempts to destabilize eastern Ukraine and its ongoing occupation of
Crimea."
This is one of the rare recorded examples of allies targeting allies through cyber-warfare, in order to advance their strategic goals. Time describes the North Korean government as being hell-bent on developing its nuclear program and missile capabilities for over 60 years now.
Via: The Hacker News
======================================================================
Link to news story:
https://www.techradar.com/pro/north-korean-hackers-breached-top-russian-missile-maker
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)