North Korean Hackers Fund Espionage From Cybercrime Operations
By: Iain Fraser - Cybersecurity Journalist, Gibraltar
Tuesday, 4th April 2023
Mandiant has released its latest advisory report on APT43 The North Korean hacker group responsible for orchestrating various Cybersecurity crimes in order to fund Espionage operations. Mandiant, Google Cloud’s cybersecurity subsidiary firm has classified the group, which it calls APT43 and which it has been monitoring since 2018, as a “moderately-sophisticated cyber operator that supports the interests of the North Korean regime.”
The designation of the group as a “named threat actor” indicates that Mandiant’s cyber analysts had enough evidence to attribute activity to a specific group.
North Korea has long been known for its expansive scope and sophistication of its cyber weaponry, most infamously the massive 2014 hack into Sony Pictures over a film spoofing North Korean leader Kim Jong Un. Kim’s cyber warriors have been accused of netting millions of dollars at a time through their attacks.
The report, which offers a comprehensive look at APT43’s activities, highlights Pyongyang’s increasingly complex cybercrime operation.
Some of the known regime-backed groups are tied to large-scale schemes, like Lazarus Group, which U.S. investigators said was behind the Sony hack. Others, like APT43, have a narrower focus and complement the larger operations, while sharing techniques and working toward a common goal of supporting Kim’s nuclear ambitions, said Ben Read, head of Mandiant’s cyber espionage analysis.
The Group is also responsible for spoofing (cloning) websites of legitimate organizations to trick targets into giving out information that can be used in cyber crimes the group carries out to fund itself, according to a new report that tracked the cyber attackers’ operations over five years. Learn More /...
Image Credit: Vladimir Lysenko
About Mandiant
Mandiant is recognised by enterprises, governments and law enforcement agencies worldwide as the market leader in threat intelligence and expertise gained on the front-lines of cyber security. To make every organization confidently ready for cyber threats, Mandiant scales its intelligence and expertise through the Mandiant Advantage SaaS platform to deliver current intelligence, automation of alert investigation and prioritisation and validation of security controls products from a variety of vendors. Learn More /...