One of the oldest and most active groups in the cybercrime world has been awarded gold status.
North Korean hacker group Andariel is accused of stealing confidential information and weapons blueprints from various countries around the world. The information security company Mandiant published the results of a two-year investigation of the group's activities.
The investigation revealed that APT45 stole sensitive data on a number of weapons systems and technologies, including tanks, artillery, warships, submarines, UAVs, missiles and missile defense systems, as well as satellites and satellite communications systems.
Andariel has conducted large-scale cyber attacks on critical infrastructure that go beyond traditional government espionage. In recent years, the group has also engaged in ransomware attacks on hospitals, banks, and defense companies in South Korea.
According to Mandiant, many of North Korea's military achievements can be directly linked to the group's successful espionage operations against governments and defense organizations around the world. Given the growing complexity of Andariel's operations, Mandiant has assigned the group Advanced Persistent Threat (APT) status and code number APT45.
The group's cyber espionage dates back to 2009, and since then, hackers have gradually expanded their operations, including financially motivated attacks. In 2019, the group attacked India's Kudankulam nuclear power plant, as well as other nuclear facilities and power plants. Other victims include the agricultural sector and medical and pharmaceutical companies.
The researchers note that APT45 is one of the oldest groups in North Korea. The hackers' activities reflect the country's geopolitical priorities, and despite the transition from classic cyber-espionage of state structures to attacks on healthcare systems and the agricultural sector, financially motivated attacks remain an important part of APT45's strategy.
Estimated structure of North Korean groups
Andariel is a subgroup of the Lazarus Group, which has organized attacks on foreign companies, government departments, private corporations, and the South Korean defense industry in order to gather information and create unrest. Andariel is also responsible for developing and creating malware to hack into online poker and other gambling sites in order to steal money.
In July, AhnLab specialists identified cases of attacks on Korean ERP systems, during which Andariel seized control of corporate networks and distributed malware. The main targets of the attacks were Korean defense and manufacturing enterprises.
In 2019, the US Treasury Department imposed sanctions on three North Korean groups that carried out cyber attacks on government and private organizations around the world. The sanctions list includes Lazarus Group, BlueNoroff and Andariel.
In March, a group of UN experts presented a new report investigating 58 cyberattacks carried out by hacker groups from North Korea over the past 6 years. According to experts, the attacks brought criminals about $3 billion in illegal income. Experts tracked in detail the activities of several groups (Kimsuky, Lazarus Group, Andariel and BlueNoroff), hackers who regularly appear in the reports of cybersecurity researchers.
Source