North Korea is trying by all means to extract US military secrets.
The US Federal Prosecutor's Office has filed charges against North Korean hacker Rim Jong Hyuk, who, according to their information, organized a series of cyber attacks on American medical institutions. He used the funds he received to finance espionage against US military installations.
According to an indictment filed in federal court in Kansas, Rim used malicious software developed by North Korea's military intelligence service to target at least five U.S. healthcare organizations. One of the victims was a hospital in Kansas, which in 2021 lost access to a server with X-rays and other diagnostic images due to a ransomware attack.
U.S. investigators allege that Rim funneled ransoms received from U.S. hospitals to finance attacks on at least 11 federal agencies and defense contractors. The purpose of these operations was to steal information of interest to the North Korean regime, including data on missile technology, drones, and the development of fissile materials.
In this way, the DPRK collects information about fighter jets and drones, radar systems, uranium processing and enrichment processes, as well as information about heavy and light armored vehicles. This list clearly reflects the country's desire to strengthen its military capabilities.
According to the prosecution, hackers managed to penetrate the systems of NASA, several defense companies in California, Michigan and Massachusetts, as well as two US Air Force bases in Texas and Georgia. The cyberattacks also affected defense contractors in Taiwan and South Korea, as well as a Chinese energy company.
It is particularly noted that as a result of hacking the systems of South Korean defense contractors, North Korean hackers could gain access to data on anti-aircraft laser weapons.
"These actions are closely interrelated," a senior FBI official told reporters on condition of anonymity. "Without the ability to conduct government ransomware operations and receive payments, other North Korean cyber operations would be difficult to continue."
The US State Department announced a $10 million reward for information about Rim Jong Hyuk and the hacker group Andariel.
A representative of the US Department of Justice said that the US authorities managed to disrupt the operation of a number of accounts related to the infrastructure of the North Korean operation. He stressed that the investigation and counteraction became possible due to the fact that the attacked hospital in Kansas asked for help from FBI investigators and actively cooperated with them.
In its blog, Microsoft said that it first encountered the activities of this hacker group back in 2014. According to experts, the constant improvement of tools and methods of work makes this group particularly dangerous. While hackers used to rely mainly on targeted phishing, they are now increasingly exploiting newly discovered software vulnerabilities. For example, last year the group actively exploited a security flaw in the TeamCity platform.