Researchers said Wednesday that North Korean hackers are probably working with Russian-speaking cyber criminals on ransomware and other malicious software.
Security firm Intel 471 said in a report that it found links between North Korea’s hacker group Lazarus, known worldwide for attacks on banks, and a Russian-run malware operation called trickboat.
The trickboat is described in the report as a “Malware-as-a-Service of Service operated by Russian-speaking cyber criminals” not openly advertised on any open or invite-only cybercriminal forum or marketplace is.
The report states that it “works with top-level cyber criminals with a proven reputation.”
The Intel 471 report says other security researchers have pointed to a possible relationship between the groups, but its investigation has found more evidence, indicating that malware developed in North Korea is on sale in Russian markets it was done.
“We conclude that we are very likely that actors who are at risk for trapbot infections or are exposed to trickbot infections,” the report states.
“DPRK threat actors are likely to be active in the cyber underground and maintain trusting relationships with top-tier Russian-speaking cyber criminals.”
It added that “the use of malware is only presumed and possibly written by the DPRK that threat actors are distributed through network access held by Russian-speaking cyber criminals.”
(This story has not been edited by NDTV staff and auto-generated from a syndicated feed.)