In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative tactics used by the North Korean state-sponsored hackers or malicious actors have become increasingly sophisticated and difficult to detect.
Credential stuffing is the name of the attack technique used by the North Korean hackers, and it has quickly become the most used attack method in recent years. During credential stuffing, hackers acquire login credentials from previously published data breaches and then attempt to use them to gain access to various systems.
While North Korea has technically denied any involvement, it is believed that the nation has ties to some of these cyberattacks. Recently, researchers found that North Korea was behind a series of cyberattacks targeting banks and financial institutions in 2018. The criminal group responsible for the attacks, known as Lazarus, is believed to be connected to the North Korean government.
The targeted companies had weak security policies and were the perfect targets for the North Korean hackers. The hackers were able to launch successful attacks using stolen passwords, which allowed them to gain access to various networks and servers. The researchers also identified multiple infrastructure links to North Korea, including the use of local IP addresses, domain names and shared code patterns.
The truth is, government and corporate networks are vulnerable to these cyber threats and as technology advances, so do the methods used by malicious actors. Stolen passwords remain one of the most popular ways to gain access to networks, and credential stuffing is becoming increasingly difficult to detect.
Organizations have the responsibility to protect their networks with the latest cybersecurity measures, while also educating their personnel on the risks of cyberattacks. Without proper security countermeasures and training, companies can become vulnerable to these threats and open themselves up to data breaches and financial losses.
It's important to understand the cyber threats posed by nation-state actors, as they are becoming increasingly sophisticated. North Korean hackers have proven to be a formidable force and have successfully gained access to government, military and financial networks through credential stuffing techniques. By investing in cyber security measures and educating personnel, organizations can protect themselves against these threats and prevent data breaches.
This Cyber News was published on thehackernews.com. Publication date: Wed, 25 Jan 2023 13:28:02 +0000