An elite group of North Korean hackers secretly penetrated the computer networks of a major Russian missile developer for at least five months last year. This was reported exclusively by the Reuters news agency on Monday. She cites technical evidence reviewed by Reuters and analyzed by security researchers.
Advertisement
According to the report, cyberespionage teams linked to the North Korean government, dubbed ScarCruft and Lazarus by security researchers, have secretly installed digital backdoors into the systems of Russian company NPO Mashinostroyeniya. The armaments company based in Reutov, a small town on the outskirts of Moscow, manufactures hypersonic missiles and satellites.
According to Reuters, it was not able to determine whether data was stolen during the intrusion or what information might have been viewed. In the months following the digital slump, the Pyongyang government announced several developments in its sanctioned ballistic missile program. However, it is not clear whether this was related to the slump, according to Reuters.
Missile technology in Pyongyang’s interest
News of the alleged hack comes shortly after a trip by Russian Defense Minister Sergei Shoigu to Pyongyang last month to mark the 70th anniversary of the armistice that ended the Korean War (1950-53). It was the first visit by a Russian defense minister to North Korea since the collapse of the Soviet Union in the early 1990s.
The targeted company, commonly known as NPO Mash, has pioneered the development of newer-generation hypersonic missiles, satellite technology and ballistic weapons, according to missile experts, Reuters writes. These areas are of great interest to North Korea given its own ballistic missile program. At the end of May, the launch of the first North Korean military reconnaissance satellite failed.
According to technical data cited by Reuters, the hack began around late 2021 and lasted until May 2022, when IT engineers discovered the hackers’ activities, according to internal company communications viewed by Reuters. According to Reuters, two independent computer security experts checked the disclosed email content and confirmed its authenticity. The use of malware and malicious infrastructures already known from other cyber attacks suggests North Korean hackers, it is said.
North Korea’s hackers on the prowl
Advertisement
North Korea has been considered a hacker superpower for several years. North Korean hackers are said to have stolen $1.7 billion worth of cryptocurrencies in 2022 alone. In June, alleged North Korean hackers sucked $100 million from third-party crypto wallets operated by Atomic Wallets. The Atomic wallet theft series is attributed to the North Korean Lazarus Group, which is also believed to be involved in the NPO Mash hack. According to the US government, the hacking group supported by the North Korean government has also laundered hundreds of millions of dollars via the cryptocurrency service Tornado Cash in the past.
The hacker group is already subject to US sanctions. According to US law enforcement agencies, she was behind the internationally acclaimed Sony Pictures and WannaCry hacks. The FBI has put several suspected members out for investigation. The theft of almost one billion US dollars from Bangladesh’s central bank, which is also allegedly controlled by the Lazarous Group, was only prevented by coincidence. The United States and South Korea have been claiming for years that North Korea is using the stolen money to finance its missile program, among other things. Pyongyang denies these allegations.
(noun)
Go to home page
#North #Korean #hackers #spy #Russian #missile #maker
