New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

US Treasury Department Sanctions North Korean Groups

North Korea/United States: Three hacking groups from North Korea including the Lazarus Group, Bluenoroff and Andarial have had their assets frozen by the US Treasury Department. All three groups have been seen carrying out attacks in the past with financial gain as their motive, and when money is stolen, it needs to be hidden somewhere. The three groups operate under the control of the North Korean government. The sanctions which were signed into effect instruct members of the global banking sector to freeze any accounts or assets that have been linked to these groups. North Korea uses these funds to run many different projects including their nuclear project creation and testing. Once the US placed trade sanctions on North Korea, these groups were seen at a higher rate because the country needed more money once they were restricted on trade. These sanctions may freeze the assets that are known from North Korea to be based in places like the United States, but this will not halt the operations of the groups, as they will always be able to find alternate ways to hide the money from authorities.

Analyst Notes

It is possible that North Korea will not make any public statement about the assets being frozen because by doing so, they will then be admitting that they were behind the attacks that stole the money.