North Korean group infiltrated 100-plus companies with imposter IT pros: CrowdStrike report
- by nlqip
CSO caught up with Adam Meyers, CrowdStrike’s SVP of counter adversary operations, whose team produced the report, for an exclusive interview on the report’s findings. (Questions regarding the “Channel File 291 incident” were directed to CrowdStrike’s Remediation and Guidance Hub, where the company is providing continuous information and updates, including an FAQ.)
Famous Chollima’s shocking insider threats
Of seven case studies presented in the report, the most daring is that of a group CrowdStrike calls Famous Chollima, an alleged DPRK-nexus group. Starting with a single incident in April 2024, CrowdStrike discovered that a group of North Koreans, posing as American workers, had been hired for multiple remote IT worker jobs in early 2023 at more than thirty US-based companies, including aerospace, defense, retail, and technology organizations.
CrowdStrike’s threat hunters discovered that after obtaining employee-level access to victim networks, the phony workers performed just well enough to keep their jobs while attempting to exfiltrate data using Git, SharePoint, and OneDrive and installing the remote monitoring and management (RMM) tools RustDesk, AnyDesk, TinyPilot, VS Code Dev Tunnels, and Google Chrome Remote Desktop.