An Offer That’s Too Good to be True!
Despite having small economic and political power on the globe, North Korea has developed a sophisticated cyber-espionage team. The locked nation has cyber powers equivalent to those of developed nations like the US and China and can shake up the world as we’ve seen with WannaCry ransomware in 2017. And now, irrespective of the worst times, North Korean state-sponsored hackers are attacking the employees of US defence and aerospace sectors. This campaign, termed as “Operation North Star”, is detailed by American cybersecurity firm, McAfee in its blog yesterday. The researchers say the TTP’s (Techniques, Tactics, and Procedures) of this campaign are related to cyber-espionage groups of North Korea, as seen in past. And the attacking method is defined as spear phishing attacks, where the targets are lured into opening a malicious file which contains the infecting malware. McAfee tracked the campaign theme as offering fake job offers to the potential targets (employees) in US defence and aerospace sectors. This is aimed at obtaining the login credentials of their working systems, thus gaining unauthorised access and to steal the sensitive data. North Korea does it purposefully since it’s hammered with several sanctions and adequate resources. This makes the country to steal other nations’ work to develop their defence and nuclear projects. Further, there are teams for stealing money, gaining ransoms and laundering cryptocurrencies too. Though McAfee was able to get the samples of malware but not snippets of those phishing emails, it said the types of fake jobs offered are as follows;
F-22 Fighter Jet Program Defence, Space, and Security (DSS) Photovoltaics for space solar cells Aeronautics Integrated Fighter Group Military aircraft modernization programs