ioc[.]one - OSINT Cyber Threat Intelligence Database

DPRK Cyber Actors: Pyongyang’s Favorite Fundraisers

Tags

country:	Bangladesh Japan South Korea Russia Vietnam
attack-pattern:	Direct Model Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	62619b60-e5bb-4aff-9d5a-ee4ad0410cc2
Fingerprint	c99289df0519b301
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 13, 2019, 1:38 p.m.
Added to db	Jan. 30, 2023, 4:33 p.m.
Last updated	Nov. 17, 2024, 5:56 p.m.
Headline	DPRK Cyber Actors: Pyongyang’s Favorite Fundraisers
Title	DPRK Cyber Actors: Pyongyang’s Favorite Fundraisers
Detected Hints/Tags/Attributes	73/2/31

Source URLs

	Redirection	Url
Details	Source	https://medium.com/adapt-forward-cyber-security/dprk-cyber-actors-pyongyangs-favorite-fundraisers-c84df7d3a1c9

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

Attributes

Details	Type	#Events	Value
Details	Domain	11	www.novetta.com
Details	Domain	45	www.bankinfosecurity.com
Details	Domain	1	georgetownsecuritystudiesreview.org
Details	Domain	177	www.wired.com
Details	Domain	124	www.nytimes.com
Details	Domain	175	www.zdnet.com
Details	Domain	145	www.us-cert.gov
Details	File	1	un-report-north-korea-evading-sanctions-by-buying-oil-hacking-banks.html
Details	File	1	151216_cha_northkoreascyberoperations_web.pdf
Details	File	1	509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html
Details	File	1	north-korea-bitcoin-cryptocurrency-nuclear-weapons-sanctions-rusi-a8872056.html
Details	File	1	trump-kim-vietnam-summit.html
Details	Url	1	https://www.darkreading.com/attacks-breaches/north-koreas-lazarus-group-targets-russian-companies-for-first-time/d/d-id/1333912
Details	Url	1	https://www.novetta.com/2017/06/north-korea-cyberattacks-and-lazarus-what-we-really-know
Details	Url	1	https://www.washingtonpost.com/news/the-switch/wp/2014/12/18/the-sony-pictures-hack-explained/?utm_term=.8a55a38af83c
Details	Url	1	https://www.cnbc.com/2019/03/12/un-report-north-korea-evading-sanctions-by-buying-oil-hacking-banks.html
Details	Url	1	https://www.bankinfosecurity.com/north-korean-hackers-tied-to-100-million-in-swift-fraud-a-11579
Details	Url	1	https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/publication/151216_cha_northkoreascyberoperations_web.pdf
Details	Url	1	https://www.huffpost.com/entry/north-korea-sony-hack-the-interview_n_5b914031e4b0511db3dff9c5?guccounter=1&guce_referrer=ahr0chm6ly93d3cuz29vz2xllmnvbs8&guce_referrer_sig=aqaaanmc
Details	Url	1	http://georgetownsecuritystudiesreview.org/2018/04/22/dprk-cyber-capabilities
Details	Url	1	https://www.kaspersky.com/about/press-releases/2017_chasing-lazarus-a-hunt-for-the-infamous-hackers-to-prevent-large-bank-robberies
Details	Url	1	https://www.washingtonpost.com/world/national-security/us-set-to-declare-north-korea-carried-out-massive-wannacry-cyber-attack/2017/12/18/509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html?utm_term=.eab778f9e830
Details	Url	1	https://www.wired.com/2017/05/accidental-kill-switch-slowed-fridays-massive-ransomware-attack
Details	Url	1	https://www.reuters.com/article/us-usa-cyber-northkorea/u-s-blames-north-korea-for-wannacry-cyber-attack-iduskbn1ed00q
Details	Url	1	https://cointelegraph.com/news/un-panel-says-north-korea-obtained-670-million-in-crypto-and-fiat-via-hacking-report
Details	Url	1	https://www.independent.co.uk/life-style/gadgets-and-tech/news/north-korea-bitcoin-cryptocurrency-nuclear-weapons-sanctions-rusi-a8872056.html
Details	Url	1	https://www.nytimes.com/2019/02/28/world/asia/trump-kim-vietnam-summit.html?module=inline
Details	Url	1	https://www.darkreading.com/attacks-breaches/north-korean-hacking-group-steals-
Details	Url	1	https://www.scmp.com/news/asia/east-asia/article/2166869/north-korean-hackers-blamed-wave-cyberattacks-banks
Details	Url	1	https://www.zdnet.com/article/us-government-publishes-details-on-north-koreas-hoplight-malware
Details	Url	1	https://www.us-cert.gov/ncas/current-activity/2019/04/10/north-korean-malicious-cyber-activity