REPORT BREACH

The Breach News

STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents

July 28, 2023
Cyber Attack / Malware

A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.

STARK#MULE Targets Koreans with U.S. Military-Themed Document Lures In a notable development in cyber threats, a new campaign has emerged targeting Korean-speaking individuals through the use of U.S. military-themed documents designed to deliver malware. Cybersecurity experts from Securonix have named the campaign STARK#MULE and are actively monitoring its activities. While…

Read More

STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents

July 28, 2023
Cyber Attack / Malware

A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.

Cyber Threat: Investigating the Legality of Bengal Cats in Australia Through Google Search

Cybersecurity Alert: SEO Poisoning Targets Australian Internet Users Searching for Bengal Cats Cybersecurity experts at Sophos are sounding the alarm about a rising cyber threat linked to the increasingly popular search term, "Are Bengal Cats legal in Australia." This alarming trend has been identified as an example of SEO poisoning,…

Read MoreCyber Threat: Investigating the Legality of Bengal Cats in Australia Through Google Search

White House Condemns Russia for Ransomware Attacks on Healthcare Sector

Fraud Management & Cybercrime, Ransomware UN Members Call for Enhanced Resilience of Critical Infrastructure to Address Cyber Threats Mathew J. Schwartz (@euroinfosec) • November 11, 2024 Image: Shutterstock In a significant development, a Biden administration official highlighted during a United Nations Security Council briefing that ransomware has transcended its classification…

Read MoreWhite House Condemns Russia for Ransomware Attacks on Healthcare Sector

Patchwork Hackers Target Chinese Universities and Research Institutions Using EyeShell Backdoor

Date: July 31, 2023
Category: Cyber Espionage / Malware

A recent campaign has revealed that the hacking group known as Patchwork is actively targeting universities and research organizations in China. According to the KnownSec 404 Team, these attacks leverage a backdoor named EyeShell. Also referred to as Operation Hangover or Zinc Emerson, Patchwork is believed to operate on behalf of India and has been active since at least December 2015. Their attacks primarily focus on Pakistan and China, employing custom malware such as BADNEWS, typically via spear-phishing and watering hole techniques. This group exhibits tactical similarities with other Indian-affiliated cyber-espionage collectives, like SideWinder and the DoNot Team. In a related development, Meta announced in May that it had suspended 50 accounts on Facebook and Instagram connected to Patchwork, which exploited rogue messaging apps.

Patchwork Hackers Target Chinese Research Institutions with EyeShell Backdoor On July 31, 2023, cybersecurity analysts from the KnownSec 404 Team reported that cyber espionage threats linked to a group known as Patchwork have been actively targeting universities and research organizations across China. This campaign is marked by the deployment of…

Read More

Patchwork Hackers Target Chinese Universities and Research Institutions Using EyeShell Backdoor

Date: July 31, 2023
Category: Cyber Espionage / Malware

A recent campaign has revealed that the hacking group known as Patchwork is actively targeting universities and research organizations in China. According to the KnownSec 404 Team, these attacks leverage a backdoor named EyeShell. Also referred to as Operation Hangover or Zinc Emerson, Patchwork is believed to operate on behalf of India and has been active since at least December 2015. Their attacks primarily focus on Pakistan and China, employing custom malware such as BADNEWS, typically via spear-phishing and watering hole techniques. This group exhibits tactical similarities with other Indian-affiliated cyber-espionage collectives, like SideWinder and the DoNot Team. In a related development, Meta announced in May that it had suspended 50 accounts on Facebook and Instagram connected to Patchwork, which exploited rogue messaging apps.

AI-Driven Personalized Skincare: Balancing Innovation with Data Privacy

Haut.AI’s AI-Driven Innovations in Skincare: A Conversation with CEO Anastasia Georgievskaya Artificial intelligence (AI) is making notable advancements in the skincare industry, offering personalized insights and enhancing customer interactions. Haute.AI, an Estonia-based company co-founded by CEO Anastasia Georgievskaya, is at the forefront of this transformation. By integrating data-driven methods and…

Read MoreAI-Driven Personalized Skincare: Balancing Innovation with Data Privacy

Guernsey’s Data Protection Authority Releases Updated Breach Statistics

Recent Data Breach Insights from Guernsey’s Office of the Data Protection Authority In the latest update from Guernsey’s Office of the Data Protection Authority (ODPA), officials have reported on data breaches occurring between July 1 and September 30, 2024. During this quarter, a total of 40 personal data breaches were…

Read MoreGuernsey’s Data Protection Authority Releases Updated Breach Statistics

APT31 Linked to Cyberattacks on Air-Gapped Systems in Eastern Europe

August 01, 2023
Cyber Attack / Data Security

A Chinese-affiliated nation-state actor is under suspicion for a series of cyberattacks targeting industrial organizations in Eastern Europe last year, aimed at extracting information from air-gapped systems. Cybersecurity firm Kaspersky has attributed these intrusions with medium to high confidence to the hacking group known as APT31, which is also recognized by the aliases Bronze Vinewood, Judgement Panda, and Violet Typhoon (previously Zirconium). This conclusion is based on shared tactics observed in the attacks. The intrusions involved over 15 different implants and their variants, categorized into three primary functions: establishing persistent remote access, collecting sensitive data, and transmitting the stolen information to infrastructure controlled by the attackers. Notably, one type of implant appeared to be an advanced modular malware, designed to profile removable drives and infect them with a worm to extract data from isolated air-gapped networks.

China’s APT31 Linked to Data Breaches in Eastern Europe’s Industrial Sector In a developing cybersecurity crisis, it has been reported that a state-sponsored hacking group with ties to China has been implicated in a series of targeted attacks on industrial organizations in Eastern Europe. These attacks, which occurred over the…

Read More

APT31 Linked to Cyberattacks on Air-Gapped Systems in Eastern Europe

August 01, 2023
Cyber Attack / Data Security

A Chinese-affiliated nation-state actor is under suspicion for a series of cyberattacks targeting industrial organizations in Eastern Europe last year, aimed at extracting information from air-gapped systems. Cybersecurity firm Kaspersky has attributed these intrusions with medium to high confidence to the hacking group known as APT31, which is also recognized by the aliases Bronze Vinewood, Judgement Panda, and Violet Typhoon (previously Zirconium). This conclusion is based on shared tactics observed in the attacks. The intrusions involved over 15 different implants and their variants, categorized into three primary functions: establishing persistent remote access, collecting sensitive data, and transmitting the stolen information to infrastructure controlled by the attackers. Notably, one type of implant appeared to be an advanced modular malware, designed to profile removable drives and infect them with a worm to extract data from isolated air-gapped networks.