netsec - Network Security

427 readers

1 users here now

This is the netsec Community, a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise - to provide value to security practitioners, students, researchers, and hackers everywhere.

Content Guidelines:

Content should focus on the "How".
Always try to link to the original source.
Titles should provide context.
Ask Questions with a "[Question]" prefix in the Title.
Hiring Posts must go in the [Hiring] (stickied) Threads.
Commercial advertisement is discouraged.

Discussion Guidelines:

Don't create unnecessary conflict.
No trolling allowed, limit the use of jokes and memes.
Don't complain about content being a PDF.
Be nice to each other, everybody started somewhere.

Prohibited Content:

No populist news articles (CNN, BBC, FOX, etc)
No curated lists.
No social media posts (Facebook, Twitter, etc).
No image-only/video-only posts.
No livestreams.
No Tech Support requests.
No paywalled/regwalled content (use archive.is if possible?)
No commercial advertisement.
No crowdfunding posts.
No personally identifiable information.
No doxxing, and no harrassment of any kind.

founded 2 years ago

MODERATORS

cookiengineer@discuss.tchncs.de

Malicious NPM packages attributed to North Korean state actors (blog.phylum.io)

submitted 2 years ago by expertmadman@sh.itjust.works to c/netsec@discuss.tchncs.de

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] DogMuffins@discuss.tchncs.de 0 points 2 years ago (1 children)

Whenever I hear about hackers in North Korea I always wonder how they could support a sophisticated info sec agency with advanced capabilities. I guess I just assumed there isn't really a thriving tech community in NK from which to recruit.

I honestly don't know, maybe this attack is as simple as tricking a maintainer into merging a sketchy commit, and not that sophisticated?

Or do they "purchase capability" from supporters like China or Russia?

[–] dubbel@discuss.tchncs.de 1 points 2 years ago

This attack does seem to be on the simpler side technically.

NK recruits their hackers straight from the elite-ish high schools, trains them in computer science, and send them abroad with the objective to earn money through any technical means. How exactly they do it is pretty much up to them.

I can highly recommend the podcast "The Lazarus Heist" if you want to know more about NKs state hacking ventures: http://www.bbc.co.uk/programmes/w13xtvg9

RSS address: https://podcasts.files.bbci.co.uk/w13xtvg9.rss