2017-12
Proofpoint described RatankbaPOS as part of financially motivated Lazarus Group activity centered on cryptocurrency and POS-related malware operations. The reporting connected RatankbaPOS with PowerRatankba downloaders, multiple delivery formats including…
🇰🇷 Korea, Republic of
#Finance
#DataBreach
2017-12
Youbit was listed among South Korean cryptocurrency-exchange hacking incidents in reporting that described rising unauthorized withdrawals, unresolved police investigations, and the difficulty of tracing blockchain-enabled thefts through international coo…
🇰🇷 Korea, Republic of
#Cryptocurrency
#FinancialGain
2017-12
NiceHash was described as a cryptocurrency-mining marketplace theft linked to Hidden Cobra, with the intrusion beginning through social engineering that impersonated a company system engineer and mimicked a Google Docs weekly-report invitation sent via an…
🇸🇮 Slovenia
#Cryptocurrency
#FinancialGain
2017-10
Marine Chain was a Hong Kong-registered blockchain maritime investment platform investigated as a DPRK-linked cryptocurrency and sanctions-evasion scheme, with reporting noting at least one DPRK individual behind the project and concerns that tokenized sh…
🇸🇬 Singapore
#Cryptocurrency
#FinancialGain
2017-10
ESET attributed attacks against a Central American online casino to Lazarus, citing overlapping toolsets, telemetry, Lazarus-linked malware, and shared static characteristics. The intrusions used service-oriented NukeSped backdoors, session hijacking, cre…
Unknown
#Cryptocurrency
#FinancialGain
2017-10
A Tunisian financial institution was targeted in October 2017 in an attempted USD 60 million theft. Carnegie's financial-sector timeline and UN Panel reporting linked the case to DPRK-affiliated actors, making it part of the broader North Korean bank-thef…
🇹🇳 Tunisia
#Finance
#FinancialGain
2017-10
Hermes ransomware appeared in DPRK-relevant activity around the 2017 Far Eastern International Bank heist, where BAE Systems observed Hermes alongside known Lazarus tools and assessed it may have served as distraction or cover during SWIFT-connected theft…
🇹🇼 Taiwan
#Finance
#FinancialGain
2017-10
Far Eastern International Bank was targeted in an October 2017 cyber-enabled heist that abused systems connected to the SWIFT network and attempted unauthorized overseas transfers, with McAfee reporting spear-phishing, backdoor malware, credential harvest…
🇹🇼 Taiwan
#Finance
#ATM
#SWIFT
#FinancialGain
2017-09
Coinis was cited in reporting on Lazarus-linked cryptocurrency exchange intrusions after attackers allegedly stole a code-signing certificate in the Coinis/WaveString breach, signed malware disguised as an OpenSSL library, and pushed malicious files throu…
🇰🇷 Korea, Republic of
#Cryptocurrency
#FinancialGain
2017-09
Group-IB listed Nepal’s NIC Asia Bank among 2017–2018 SWIFT and local interbank transfer incidents in a broader set of Lazarus and Cobalt bank-theft activity. The available linked evidence supports a Nepal bank theft or attempt involving about $4.4 millio…
🇳🇵 Nepal
#Finance
#FinancialGain
2017-09
Hanatour suffered a 2017 personal-data breach after an unidentified attacker compromised a NetClient server, distributed malware to work PCs and servers, gathered internal information, and used plaintext contractor credentials to access the security netwo…
🇰🇷 Korea, Republic of
#Travel
#DataBreach
#NetClient
2017-06
Bithumb disclosed that a 2017 hacking incident involving an employee personal PC exposed customer personal information, with later company reporting describing about 30,000 affected users and exposed names, email addresses, and phone numbers while stating…
🇰🇷 Korea, Republic of
#Cryptocurrency
#FinancialGain
#DataBreach
2017-05
The WannaCry ransomware attack (May 2017) was a global cryptoworm outbreak that used the leaked NSA-developed EternalBlue exploit against Microsoft Windows SMBv1, enabling it to self-propagate across networks without user interaction; …
ZZZ, 🇷🇺 Russian Federation, 🇯🇵 Japan, 🇬🇧 United Kingdom, 🇫🇷 France, 🇰🇷 Korea, Republic of, 🇮🇳 India, 🇨🇳 China, 🇩🇪 Germany, 🇪🇸 Spain, 🇮🇩 Indonesia, 🇧🇷 Brazil, 🇺🇸 United States
#FinancialGain
2017-05
Operation GoldenAxe described suspected North Korean watering-hole activity from June 2016 to May 2017 that compromised more than ten South Korean organization websites tied to diplomacy, aviation, North Korea affairs, unification, parliament, labor, and …
🇰🇷 Korea, Republic of
#Wateringhole
#Finance
2017-04
Yapizon was listed among South Korean cryptocurrency exchange hacking incidents in reporting on unauthorized withdrawals and unresolved investigations, with authorities emphasizing the difficulty of tracing thefts through decentralized and anonymous block…
🇰🇷 Korea, Republic of
#Cryptocurrency
#FinancialGain