North Korean Hackers Sniffing for US Defense Secrets
According to McAfee, North Korea was behind a cyber-espionage campaign that occurred earlier this year and targeted US defense and aerospace firms. McAfee’s Advanced Threat Research group claimed they detected similarities between the recent campaign and previous ones that linked the espionage to Hidden Cobra, a term used to refer to several North Korean threat groups including Kimsuky, Lazarus, KONNI, and APT37.
The new campaign has been named “Operation North Star” and occurred over a three-month span, from March to May. The campaign consisted of spear-phishing emails featuring legitimate job ads to lure defense contractor employees. The threat actors planted malicious documents in the advertisements to install malware on the victims’ devices. McAfee also states that the targets were pursued over social media as well.