- Windscribe VPN review: A flexible and free VPN
- One of my favorite foldables brings the flip phone back in the best way (and it's $200 off)
- I opened up a cheap 600W charger to test its build, and found 'goo' inside
- How to negotiate like a pro: 4 secrets to success
- One of the cheapest Android tablets I've ever tested replaced my iPad with no sweat
Two More Lazarus Group Members Indicted for North Korean Attacks
The US has named and indicted two more members of the infamous North Korean military hacking group known as Lazarus, which it said is responsible for stealing over $1.3bn from various entities.
A federal indictment unsealed yesterday named three members of military intelligence agency the Reconnaissance General Bureau (RGB), aka Lazarus or APT38.
Park Jin Hyok, 36, was previously charged in a complaint unsealed in 2018, and is joined by Jon Chang Hyok, 31 and Kim Il, 27.
The Department of Justice (DoJ) claimed the three were involved in some of the group’s most audacious campaigns, including: attacks on Sony Pictures Entertainment and AMC Theaters, cyber-heists targeting SWIFT transfers at Bangladesh Bank and other financial institutions, and the creation of WannaCry.
They’re also accused of ATM cash-out thefts, including the $6.1m October 2018 raid of BankIslami Pakistan, creating and deploying malicious cryptocurrency apps to provide backdoor access to victim machines and stealing tens of millions from cryptocurrency companies.
The trio were named as conspirators in spear-phishing campaigns targeting multiple US government, energy, defense, tech and aerospace organizations, and the development of a Marine Chain Token designed to secretly funnel investor funds to the Hermit Kingdom.
Prosecutors also unsealed one charge against Ghaleb Alaumary, 37, of Mississauga, Ontario, for his role as a money launderer for North Korean schemes including the above ATM cash-outs, BEC attacks and other fraud. Alaumary has already pleaded guilty and is currently being prosecuted in Georgia for involvement in a separate BEC scheme.
He is said to have organized “teams” of co-conspirators in the US and Canada to launder millions for the Kim Jong-un regime.
The US Cybersecurity and Infrastructure Security Agency (CISA) yesterday released further information on the malicious cryptocurrency apps mentioned above.
Posing as legitimate trading platforms, the AppleJeus malware is actually designed to steal cryptocurrency from victims, and has been around since 2018.
