"North Korean Hackers Spoof Venture Capital Firms in Japan, Vietnam and US"

According to new research, hackers based in North Korea are impersonating financial institutions and venture capital firms in the US, Vietnam, and Japan. Recorded Future's Insikt Group linked the campaign to APT38, a North Korea-sponsored group known for launching many high-profile attacks against cryptocurrency firms and other organizations. In the most recent cluster of activity from September 2022 to March 2023, researchers found 74 domains resolving to five IP addresses and six malicious files. Previous Insikt Group reporting on overlapping activity attributed to TAG-71 highlighted the group's spoofing of domains belonging to financial institutions in Japan, Taiwan, and the US, and popular cloud services used by many companies. According to the report, North Korean hacking groups have a lengthy history of launching financially-motivated attacks and intrusion campaigns against cryptocurrency exchanges, commercial banks, and e-commerce systems. These campaigns aim to bolster the North Korean government's ongoing efforts to generate funds for the regime, which remains subject to significant international sanctions. This article continues to discuss APT38 spoofing financial institutions and venture capital firms in the US, Vietnam, and Japan. 

The Record reports "North Korean Hackers Spoof Venture Capital Firms in Japan, Vietnam and US"