North Korean IT Workers Are Infiltrating Tech Companies

As Russia's full-scale war in Ukraine approaches its 100th day, the resistance of Ukrainian forces is as strong as ever. At the same time, hacktivists around the world continue to pummel Russian institutions and publish their files and emails. This week, a hacktivist group took a different and somewhat peculiar approach: launching a service to prank-call Russian government officials. The new website uses leaked details to connect two random Russian officials in a call with each other. Obviously, it won't make any difference to the outcome of the war, but the group that created it expects the tool to cause some confusion and annoy those in Moscow.

A new investigation by Google's Threat Analysis Group has delved into the surveillance-for-hire industry and found that spyware vendors are targeting Android devices with zero-day exploits. According to the Google team, state-sponsored actors in Egypt, Armenia, Greece, Madagascar, Côte d'Ivoire, Serbia, Spain and Indonesia have bought hacking tools from the Macedonian firm Cytrox. The malware used five previously unknown Android exploits, along with unpatched vulnerabilities. Overall, Google researchers say they are tracking more than 30 surveillance-for-hire companies worldwide.

In other malware news, academics at Darmstadt Technical University in Germany have discovered a way to track the location of an iPhone even when it's turned off. When you turn off your iPhone, it doesn't power down completely; the chips inside keep running in a low-power mode. The researchers were able to run malicious software that can track the phone in this low-power mode. They believe their work is the first of its kind, but the method is unlikely to be a major real-world threat, as it first requires jailbreaking the target iPhone, which has generally become more difficult in recent years.

But wait, there's more. We've rounded up all the news that we didn't break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

The international sanctions imposed on North Korea for its continued development of nuclear weapons and ballistic missiles make it impossible for the nation to trade with other countries or move money across its borders. To get around this, in recent years Pyongyang has allowed its state-affiliated hackers to attack cryptocurrency platforms and rob banks. Now, the FBI, the U.S. Department of State, and the U.S. Treasury have warned that thousands of North Korean IT workers, including application and software developers, have been working as freelancers for companies around the world and sending money home. Many of them are based in China or Russia, officials say. The risks of hiring North Korean workers range from “theft of intellectual property, data and funds to damage to reputation and legal consequences, including sanctions by US and United Nations authorities.”

In a major public move, the U.S. Department of Justice says it will stop prosecuting security researchers under the Computer Fraud and Abuse Act. “Computer security research is a key driver in improving cybersecurity,” Deputy Attorney General Lisa Monaco said in a statement. For years, the CFAA anti-hacking law has been criticized for its wide scope and its potential for abuse by prosecutors. Although the explicit change in DOJ policy will be welcomed by researchers, as Motherboard reports, the policy does not go far enough and may still put legitimate researchers at risk.

The ransomware gang Conti, mostly based in Russia, has had a terrible month. After the gang backed Vladimir Putin's war in Ukraine, thousands of its most private and secret messages were posted online. Although the gang has continued to target victims, including the Costa Rican government, researchers now say Conti has officially closed its operations. Conti's Tor dashboards have been taken offline and group members are splitting off into other ransomware groups, according to security firm Advanced Intel. The closure comes after the U.S. government offered a $15 million reward for information about Conti members.

Canada has become the latest country in the Five Eyes intelligence group, which also includes the United States, the United Kingdom, Australia and New Zealand, to ban the use of Huawei's telecommunications equipment on its 5G networks. Chinese telecommunications company ZTE is also included in the ban. The Canadian government, in an announcement, cited national security concerns and the fact that companies could be forced to comply with orders from “foreign governments”. Starting in September, Canadian companies will no longer be able to buy new 4G and 5G equipment from Chinese companies. All existing 5G equipment must be removed by the summer of 2024, and 4G equipment must be withdrawn by the end of 2027.
