Hacker News with Generative AI: North Korea

Record thefts boost North Korea to third-largest Bitcoin holder (thetimes.com)
The North Korea worker problem is bigger than you think (cyberscoop.com)
North Korean nationals have infiltrated businesses across the globe with a more expansive level of organization and deep-rooted access than previously thought, insider risk management firm DTEX told CyberScoop.
Donate USB Drives and SD Cards to Help US Smuggle Outside Info into North Korea (flashdrivesforfreedom.org)
Believe it or not, USBs are a significant form of sharing information in North Korea. Many citizens have devices with USB ports and SD card slots. So for many years, North Korean defectors have organized efforts to smuggle outside info into North Korea on USB drives to counter Kim Jong-un’s constant propaganda. But these groups were buying memory devices at cost with limited resources.
North Korea Launders Billions in Stolen Crypto (coindesk.com)
North Korea has stolen over $5 billion from the crypto sector since 2017.
Lazarus Group deceives developers with 6 new malicious NPM packages (cyberscoop.com)
Lazarus Group has burrowed deeper into the npm registry and planted six new malicious packages designed to deceive software developers and disrupt their workflows, researchers at cybersecurity firm Socket said in a Monday blog post.
Strava bans user for running in North Korea (dcrainmaker.com)
On the list of quirky things, I didn’t have “Strava bans user for running in North Korea” on my bingo card today. But here we are. I’ve just spent the last hour going down the rabbit hole that is the Pyongyang Marathon (in North Korea), and it turns out – it’s a thing. As in, as thing that outsiders come and run. There’s even an official website for it. In fact, there’s been 31 editions of it.
Strava Bans User for Running in North Korea (dcrainmaker.com)
On the list of quirky things, I didn’t have “Strava bans user for running in North Korea” on my bingo card today. But here we are. I’ve just spent the last hour going down the rabbit hole that is the Pyongyang Marathon (in North Korea), and it turns out – it’s a thing. As in, as thing that outsiders come and run. There’s even an official website for it. In fact, there’s been 31 editions of it.
New North Korean Android Spyware Slips onto Google Play (bleepingcomputer.com)
A new Android spyware named 'KoSpy' is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps.
North Korean Lazarus hackers infect hundreds via NPM packages (bleepingcomputer.com)
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus.
First British tourists allowed back into North Korea tell BBC what they saw (bbc.co.uk)
Don't insult the leaders. Don't insult the ideology. And don't judge.
How North Korea pulled off a $1.5B crypto heist–the biggest in history (arstechnica.com)
The cryptocurrency industry and those responsible for securing it are still in shock following Friday’s heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit, making the theft by far the biggest ever in digital asset history.
North Korea steals $1.5B as it pulls off biggest ever heist (aol.com)
State-backed North Korean hackers have stolen $1.5bn (£1.2bn) of cryptocurrency in the largest heist in history.
How North Korea pulled off a $1.5B crypto heist–the biggest in history (arstechnica.com)
The cryptocurrency industry and those responsible for securing it are still in shock following Friday’s heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit, making the theft by far the biggest ever in digital asset history.
North Korea pulled off a $1.5B crypto heist–the biggest in history (arstechnica.com)
The cryptocurrency industry and those responsible for securing it are still in shock following Friday’s heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit, making the theft by far the biggest ever in digital asset history.
$1.5B Bybit Hack – How the biggest hack in history happened (harrydonnelly.substack.com)
Yesterday, ~$1.4bn was stolen from Bybit. This is the largest hack in crypto history, completed by Lazarus Group, North Korea’s state sponsored cyber-crime unit.
Bybit sees over $4B 'bank run' after crypto's biggest hack (coindesk.com)
Major cryptocurrency exchange Bybit has seen total outflows of over $5.5 billion after it suffered a near $1.5 billion hack that saw hackers, believed to be from North Korea’s Lazarus Group, drain its ether cold wallet.
SEAL Advisory on DPRK Threat to Crypto Exchanges (securityalliance.org)
Less than 12 hours ago, DPRK operatives stole over US$1.5 billion in Ethereum from Bybit.
Rare Photos from Inside North Korea's 'Hotel of Doom' (2023) (9news.com.au)
The stranger than strange Ryugyong Hotel in Pyongyang, North Korea is one of the tallest unoccupied buildings in the world, and Englishman Simon Cockerell may be one of only two westerners to have ever been allowed inside.
Dinner at a North Korean Restaurant in Shanghai (2016) (wordpress.com)
Shrouded in secrecy and isolated from the world, North Korea exudes an air of mystery.
North Korean IT teams infiltrate global freelance platforms (dailynk.com)
North Korea has intensified its covert foreign currency operations by sending elite IT workers to China and Southeast Asia as freelancers.
North Korean Apt Lazarus Targets Developers with Malicious NPM Package (socket.dev)
Socket researchers have discovered the malicious npm package postcss-optimizer, which contains code linked to previously documented campaigns conducted by North Korean state-sponsored threat actors known as Contagious Interview, a subgroup within the broader Lazarus Advanced Persistent Threat (APT) group.
Kim Jong-un bans hotdogs for North Koreans, cooking them an act of treason (nzherald.co.nz)
New 'OtterCookie' malware used to backdoor devs in fake job offers (bleepingcomputer.com)
North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers.
Analyzing North Korean Malware (medium.com)
We came across this campaign when a user reported that they were offered a job through LinkedIn, and that the “challenge” presented by the recruiter contained malware.
N Korea hackers stole $1.3B of crypto this year (bbc.com)
A total of $2.2bn (£1.76bn) in cryptocurrencies has been stolen this year, with North Korean hackers accounting for more than half that figure, according to a new study.
North Korea and Russia: A Match Made in Hell (thebulwark.com)
It appears Vladimir Putin recently reached the same conclusion, as North Korea is reported to have sent as many as 10,000 North Korean soldiers to support Putin’s “special military operations” in Ukraine.
Fourteen North Koreans Indicted for Fraudulent IT Worker Scheme and Extortions (justice.gov)
A federal court in St. Louis, Missouri, yesterday indicted 14 nationals of the Democratic People’s Republic of North Korea (DPRK or North Korea) with long-running conspiracies to violate U.S. sanctions and to commit wire fraud, money laundering, and identity theft.
North Korea May End Up Sending Putin 100,000 Troops for His War (bloomberg.com)
North Korea may deploy as many as 100,000 troops to aid Russia’s war on Ukraine if the alliance between Pyongyang and Moscow continues to deepen, according to people familiar with assessments made by some Group of 20 nations.
North Korean hackers create Flutter apps to bypass macOS security (bleepingcomputer.com)
North Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by a legitimate Apple developer ID.
Officials warn of Russia's tech-for-troops deal with North Korea for Ukraine (theregister.com)
The EU has joined US and South Korean officials in expressing concern over a Russian transfer of technology to North Korea in return for military assistance against Ukraine.