Friday, July 31, 16:43
Home security North Korean hackers target US defense sectors!

North Korean hackers target US defense sectors!

In the middle of his pandemic COVID-19, North Korean hackers target US defense and aerospace sectors, using fake job offers as bait to infect employees looking for better job prospects and access in the networks of their organizations. The attacks began in late March and lasted until May 2020, according to cybersecurity company McAfee. McAfee reported that attacks known as "Operation North Star", are connected to infrastructure and TTPs (Techniques, Tactics and Procedures) previously associated with the Hidden Cobra - a term used by the US Government to describe organized hacking groups funded by North Korea.

North Korean hackers

In addition, the company noted that the attacks used spear-phishing to attract target recipients by motivating them to open documents that are supposed to contain a job offer. Many hacking groups have used the job offer as bait in the past, with North Korean hackers using it in attacks on the US defense sector in 2017 and 2019, said Christiaan Beek, chief scientist. and Senior Principal Engineer.

North Korea

The 2017 attacks concerned US allegations against a North Korean hacker believed to have been involved in the attacks, as well as the creation of WannaCry ransomware. The 2020 attacks also benefited malware, while approaching some victims and through not only through e-mail but also through SOCIAL MEDIA.

The entire chain of attacks - from the contact to how the malware works - is described in detail in the chart below and with full technical details from McAfee.

Hackers vs USA

However, the effectiveness of this campaign is not yet known. As the pandemic has affected workers, it is unclear how successful North Korean hackers have been in using a "new job" theme to lure victims. McAfee said it could not determine exactly which U.S. defense or aerospace companies were the target of the attacks to alert them. The only things he could identify were the nature of the fake jobs (Senior Design Engineer and System Engineer) and the US defense sectors targeted by the hackers:

  • F-22 Fighter Jet Program
  • Defense, Space and Security (DSS)
  • Photovoltaics for space solar cells
  • Aeronautics Integrated Fighter Group
  • Military aircraft modernization programs

Raj Samani, chief scientist at McAfee, told ZDNet that the company had turned to US services cyber security to inform the authorities about the attacks.
The North Star campaign is aimed at espionage and the collection of information that can be used to the benefit of North Korea.

hackers vs US defense sectors

As the country is under heavy economic sanctions and without a self-sustaining military-industrial complex, it can only support its nuclear weapons program and ambitions by entering or stealing the information it needs - which, in this case, it hopes to obtain from the US defense and aerospace sectors.

Yet another way in which North Korea maintains its nuclear program is by allowing hackers to engage in cybercrime. At the same time, the security company Kaspersky published a report this week linking North Korean hackers to a new ransomware strain called VHD.

Prior to that, the group was linked to other types of cybercrime, such as BEC fraud, Magecart attacks, bank robberies, cryptocurrency fraud and fraud. botnets cryptocurrency mining. Finally, North Korea has "built" one of the most powerful and advanced hacker armies to date, as evidenced by the variety of its operations.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


North Korean hackers target US defense sectors!

Amid the COVID-19 pandemic, North Korean hackers targeted the US defense and aerospace sectors, using as ...

Facebook: "Advertising boycott does not affect us"

Despite the July boycott of 1.000 major advertisers, Facebook said its advertising business was doing well.

Amazon: Project Kuiper satellites approved

The FCC unanimously approved Amazon's Project Kuiper, giving the company the green light to develop and operate a formation ...

EU: Sanctions in China, Russia and North Korea for cyber attacks!

The EU has imposed sanctions on China, Russia and North Korea for cyberattacks in the past against European citizens and ...

Shropshire Council: Data leakage affects 250 emails

A data breach occurred in the Shropshire Council, via email inviting people to a webinar. His data protection officer ...

Free Google One backup feature

The Google One phone backup service will be available for free in all countries where it is available, the company said ....

Europe: Hackers spread fake news on news sites

In recent years, online misinformation has progressed rapidly, with the Internet Research Agency showing its anger at ...

US Congress: The "apology" of Facebook, Amazon, Apple and Google!

The most powerful personalities of technology submitted yesterday, through a teleconference, to the US Congress, in order to examine whether the practices ...

A security expert talks about ransomware attacks

A security expert, Stacy Arruda, gave an interview about one of the biggest threats to ...

USA: Citizens' financial data leaked from the Tax Department!

The Vermont Department of Taxation (USA) revealed that the personal and financial data of taxpayers were leaked, due to a security error that affects the ...