CyberSecurityBoard
Sponsor Register Login

North Korean Hackers Use EtherHiding to Evade Detection in Cyber Espionage Campaign

North Korean hackers have adopted a sophisticated technique called EtherHiding to evade detection in their cyber espionage campaigns. This method allows them to conceal malicious activities within legitimate network traffic, making it harder for security systems to identify and block their operations. The use of EtherHiding represents an evolution in the tactics employed by North Korean threat actors, highlighting their continuous efforts to enhance stealth and persistence in targeted attacks. EtherHiding leverages the manipulation of network protocols to embed malicious payloads in seemingly benign data packets. This approach complicates traditional network monitoring and intrusion detection systems, which rely on identifying anomalies or known signatures. By blending malicious traffic with normal communications, attackers can bypass security controls and maintain long-term access to compromised environments. The campaign attributed to North Korean hackers demonstrates their focus on espionage objectives, targeting government entities, defense contractors, and critical infrastructure sectors. The attackers aim to gather sensitive information, intellectual property, and strategic intelligence to support their national interests. The use of advanced evasion techniques like EtherHiding underscores the increasing sophistication of state-sponsored cyber threats. Security experts recommend enhancing network visibility and adopting advanced detection technologies that can analyze traffic patterns and identify hidden threats. Organizations should also implement robust endpoint protection, conduct regular security assessments, and educate employees about phishing and social engineering tactics commonly used to initiate such attacks. This development serves as a reminder of the evolving cyber threat landscape and the need for continuous improvement in cybersecurity defenses. Staying informed about emerging tactics and investing in proactive security measures are essential to mitigating risks posed by advanced persistent threats like those from North Korean hacker groups.

This Cyber News was published on thehackernews.com. Publication date: Thu, 16 Oct 2025 23:14:03 +0000


Cyber News related to North Korean Hackers Use EtherHiding to Evade Detection in Cyber Espionage Campaign

North Korean Hackers Use EtherHiding to Evade Detection in Cyber Espionage Campaign - North Korean hackers have adopted a sophisticated technique called EtherHiding to evade detection in their cyber espionage campaigns. This method allows them to conceal malicious activities within legitimate network traffic, making it harder for ...
4 weeks ago Thehackernews.com North Korean hackers
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
1 year ago Microsoft.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
North Korean IT worker scam is now a threat to all companies, cybersecurity experts say | The Record from Recorded Future News - Since disruptions began last year and law enforcement has publicly warned companies of the practice, DTEX’s Barnhart and others said they have seen some workers try to extort companies or hand off their access to more sophisticated North Korean ...
6 months ago Therecord.media
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
2 years ago Thehackernews.com
North Korean Hackers Using EtherHiding to Evade Detection - North Korean hackers have adopted a sophisticated new technique called EtherHiding to evade cybersecurity defenses and conduct stealthy cyber espionage. This method leverages the Ethereum blockchain to conceal malicious activities, making detection ...
3 weeks ago Cybersecuritynews.com North Korean hackers
Reserachers Uncovered North Korean Nationals Remote IT Worker Fraud Scheme - In a significant cybersecurity investigation, researchers have revealed an elaborate fraud scheme orchestrated by North Korean nationals who used stolen identities to secure remote IT positions at US-based companies and nonprofits. The operation ...
5 months ago Cybersecuritynews.com
U.S DoJ Announces Nationwide Actions to Combat North Korean Remote IT Workers - The U.S. Department of Justice announced coordinated nationwide law enforcement actions on June 30, 2025, targeting North Korean remote information technology workers’ illicit revenue generation schemes that have defrauded American companies ...
4 months ago Cybersecuritynews.com
OpenAI Disrupts Russian, North Korean Cyber Espionage Operations Using AI-Powered Threat Detection - In a groundbreaking development in cybersecurity, OpenAI has successfully disrupted cyber espionage operations conducted by Russian and North Korean threat actors. Leveraging advanced AI-powered threat detection technologies, OpenAI's innovative ...
1 month ago Thehackernews.com Russian cyber espionage groups North Korean cyber espionage groups
North Korea's Kimsuky Attacks Rivals' Trusted Platforms - North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along ...
8 months ago Darkreading.com Andariel Kimsuky
US govt sanctions North Korea's Kimsuky hacking group - The Treasury Department's Office of Foreign Assets Control has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. OFAC has also sanctioned eight North Korean agents for ...
1 year ago Bleepingcomputer.com Andariel Kimsuky
macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks - North Korean advanced persistent threat groups are mixing and matching components of two recently unleashed types of Mac-targeted malware to evade detection and fly under the radar as they continue their efforts to conduct operations at the behest of ...
1 year ago Darkreading.com
FBI Charges North Korean Hackers Over $100 Million Stolen in Crypto Hack - The FBI has recently charged a North Korean hacker in connection with the Harmony crypto hack from which the hacker allegedly stole over $100 million. The hacker, Jon Chang Hyok, is a member of the North Korean military intelligence agency, the ...
2 years ago Bleepingcomputer.com
North Korean IT worker army expands operations in Europe - GTIG's report follows multiple warnings issued by the FBI regarding North Korea's massive army of IT workers sent abroad to generate revenue, who have tricked hundreds of companies in the United States and worldwide into hiring them over the years. ...
7 months ago Bleepingcomputer.com
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms - The US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme in which North Korean IT workers infiltrated hundreds of companies and earned millions of dollars for North Korea. According to the ...
1 year ago Securityweek.com
North Korean Remote IT Workers Added New Tactics and Techniques to Infiltrate Organizations - North Korean state-sponsored remote IT workers have significantly evolved their infiltration tactics, incorporating artificial intelligence tools and sophisticated deception techniques to penetrate organizations worldwide. Microsoft researchers ...
4 months ago Cybersecuritynews.com
North Korean Hackers Stole $600m in Crypto in 2023 - North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on ...
1 year ago Infosecurity-magazine.com
North Korean hackers target Ukrainian government in new espionage campaign | The Record from Recorded Future News - North Korea, which started deploying troops to assist Russian forces in Ukraine in late 2024, is likely using this intelligence to assess risks to its own forces on the ground and to gauge whether Moscow will require further military support, ...
5 months ago Therecord.media
Experts from the United Nations Report North Korean Hackers Have Taken a Large Amount of Digital Assets - Last year, North Korean hackers working for the government stole a record-breaking amount of virtual assets estimated to be worth between $630 million and more than $1 billion, according to a new report from U.N. experts. The panel of experts said ...
2 years ago Securityweek.com Andariel Kimsuky Lazarus Group Rocke
Unmasking Moonstone Sleet: A Deep Dive into North Korea's Latest Cyber Threat - Moonstone Sleet: A New North Korean Threat Actor Microsoft discovered a new North Korean threat actor, Moonstone Sleet, who targets companies with a combination of tried-and-true techniques used by other North Korean threat actors as well as unique ...
1 year ago Cysecurity.news
SharkStealer Using EtherHiding Pattern to Evade Detection - SharkStealer, a notorious information-stealing malware, has adopted a sophisticated evasion technique known as the EtherHiding pattern to avoid detection by security solutions. This advanced method allows the malware to conceal its network traffic ...
2 weeks ago Cybersecuritynews.com
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers - The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, ...
1 year ago Bleepingcomputer.com Lazarus Group
Microsoft links North Korean hackers to new FakePenny ransomware - Microsoft has linked a North Korean hacking group it tracks as Moonstone Sleet to FakePenny ransomware attacks, which have led to millions of dollars in ransom demands. While this threat group's tactics, techniques, and procedures largely overlapped ...
1 year ago Bleepingcomputer.com Kimsuky Lazarus Group LockBit Ransomhub
North Korean hackers use Etherhiding to hide malware on the blockchain - North Korean hackers have adopted a novel technique called Etherhiding to conceal malware within the Ethereum blockchain. This innovative method leverages the decentralized and immutable nature of blockchain technology to evade traditional detection ...
3 weeks ago Bleepingcomputer.com North Korean hackers

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)