This summary provides an overview of APT attacks on industrial enterprises disclosed in H2 2022 and related activity of groups that have been observed attacking industrial organizations and critical infrastructure facilities. For each story, we sought to summarize the most significant facts, findings, and conclusions of researchers, which we believe can be of use to experts who address practical issues related to ensuring the cybersecurity of industrial enterprises.

Southeast Asia and Korean Peninsula

DEV-0530 attacks

Researchers have attributed an emerging ransomware threat to a North Korean based threat actor they call DEV-0530 (the group calls itself “H0lyGh0st”). DEV-0530 has targeted small-to-medium businesses in multiple countries since September 2021, including manufacturing organizations, banks, schools, and event and meeting planning companies. The attackers employ “double extortion”, encrypting data and also threatening to publish data if the target refuses to pay.

Between June 2021 and May 2022, the Microsoft Threat Intelligence Center (MSTIC) classified H0lyGh0st ransomware under two new malware families: SiennaPurple and SiennaBlue. Researchers have found connections of DEV-0530 with the PLUTONIUM APT group (aka DarkSeoul and Andariel).