Crypto Crime Alert! North Korea-Linked Group Laundered $7 Billion! ????

Oct 09 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that won’t let you down in the never ending fight against cybercrime like Israel’s Iron Dome in the never ending fight for/against… Umm we’ll get back to you on that ???? In all seriousness, #PrayforIsrael ????????????

Today’s hottest cybersecurity news stories:

  • ⚰️ Lazarus Group rises. N. Korea’s finest launders $900m in crypto ????

  • ⚡ Semiconductor firms hit with Cobalt Strike by Chinese hackers ????‍????

  • ☠️ Cybercrime gangs are dropping ransomware within 24 hours of hack ⏰

Lazarus returns. Why not? They’re Korea criminals! ????????????

???? Crypto Crime Alert! North Korea-Linked Group Laundered $7 Billion! ????

In a shocking revelation, a staggering $7 billion in cryptocurrency has been laundered through cross-chain crimes, and the infamous North Korea-linked Lazarus Group is responsible for nearly $900 million of those ill-gotten gains from July 2022 to July this year. ????????

???? What’s Cross-Chain Crime? It’s the sneaky act of converting crypto assets from one blockchain to another, making it super tricky to trace the money’s origins. ????????

???? According to blockchain experts at Elliptic, the Lazarus Group’s use of cross-chain bridges has skyrocketed the use of this technique, resulting in a whopping 111% increase in funds sent via such services. ????????

???? The group has been on a hacking spree since June 2023, targeting various crypto platforms and making off with a whopping $240 million. ????????

???? But that’s not all! The Lazarus Group is a versatile threat actor, known for cyber espionage, cyber sabotage, and chasing financial gains. They’re even using “chain-hopping” to launder their loot. ????????

???? Meanwhile, South Korea’s National Intelligence Service (NIS) warns of North Korea’s cyber attacks on its shipbuilding sector, using tactics like phishing emails and infecting IT maintenance company PCs. Be vigilant, folks! ????????️

Stay safe in the crypto world, and keep an eye out for these sneaky cyber criminals! ????????


Clean your Mac or PC


Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.

That’s where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:

  • Remove junk files and malware to free up space and improve performance

  • Protect your privacy by erasing sensitive data

  • Optimize your startup settings to speed up boot times

  • Manage your extensions and apps to keep your Mac or PC running smoothly

Since 2008 MacPaw is trusted by over 30 million users worldwide, and it’s the perfect solution for keeping your Mac or PC safe and secure.

Chinese Hacker: I’ve got a Semi ????????????

???? Cybersecurity Alert: East Asia Semiconductor Firms Targeted! ????️????

???? Threat actors have been caught red-handed, targeting semiconductor companies in East Asia. They’re posing as the renowned Taiwan Semiconductor Manufacturing Company (TSMC) and using this disguise to deliver malicious Cobalt Strike beacons. ????????

???? How Do They Do It? These cybercriminals use a backdoor named HyperBro, then deploy attack simulation software and post-exploitation tools. They’ve also tried sneaky tactics like using an undisclosed malware downloader to launch Cobalt Strike, proving they’re quite clever. ????️‍♂️????

☭ China Connection? Dutch cybersecurity experts from EclecticIQ believe this campaign is linked to China due to the use of HyperBro, a tool previously associated with the Lucky Mouse threat actor. ????

????️‍♂️ More Connections: There are tactical overlaps with another group called RedHotel and another named Earth Lusca. Seems like these cyber villains are well-connected. ????

???? How They Trick You: They use a fake TSMC-themed PDF document as a decoy after infecting your system with HyperBro. Crafty, right? ????

????️ Avoiding Detection: To dodge detection, the Cobalt Strike beacon’s server address is disguised as a legitimate jQuery CDN, sneaking past firewall defences. ????????

???? Global Impact: Meanwhile, Belgium is also on high alert for possible spying and interference activities by Chinese entities, including Alibaba, at Liège cargo airport. China’s influence is spreading far and wide. ????️

⚠️ U.S. Warning: The U.S. Department of Defense warns that China poses a significant cyber espionage threat, stealing tech secrets and compromising critical infrastructure. Cybersecurity is more crucial than ever! ????

Stay vigilant, folks! Protect your systems, and be cautious of suspicious emails and documents. ????️????

???? Catch of the Day!! ????????????

???? The Motley Fool: “Fool me once, shame on — shame on you. Fool me — you can’t get fooled again.” Good ol’ George Dubya ???? Let us tell who’s not fooling around though; that’s the Crüe ???? at Motley Fool. You’d be a fool (alright, enough already! ????) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ???? Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ???? (LINK)

???? Wander: Find your happy place. Cue Happy Gilmore flashback ????️⛳????????️ Mmmm Happy Place… ???? So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ????️???? (LINK)

???? Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts ???????? (Great movie, to be fair ????). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty ????). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho ???? And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ???? (LINK)

Hackers: What a difference a day makes… 24 little hours ????

Jennifer Aniston Taking Control GIF by Apple TV+


Gif by AppleTV on Giphy


???? Ransomware Attacks Strike Faster Than Ever! ⚡????

A new threat report from cybersecurity company Secureworks reveals that cybercriminals are now deploying ransomware within a mere 24 hours after hacking into their victims’ systems. ????????

Last year, it took them an average of 4.5 days to initiate ransomware attacks, but this has dramatically decreased. Secureworks warns that 2023 could be the year with the highest number of ransomware attacks ever recorded. ????????

In May 2023, there were three times more victims listed on leak sites compared to the same month the previous year, indicating the scale of the problem. However, these leak sites only represent a fraction of the actual victims known to law enforcement. ????????

The report advises caution when using leak site data but emphasises that ransomware and data theft extortion remain a significant threat to businesses. ????????

Secureworks also found that in over 50% of cases, cybercriminals managed to execute their ransomware within just 24 hours of infiltrating a victim’s network. The median dwell time has sharply dropped from 4.5 days to much shorter intervals, with some ransomware attacks happening within just five hours of initial access. ⏳????

This trend is driven by cybercriminals seeking to reduce their chances of detection. The cybersecurity industry has become better at spotting precursor activities to ransomware attacks.

As a result, threat actors are opting for quicker and simpler operations, though the risk remains substantial. Stay vigilant, and protect your systems! ????️????

????️ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ???? HealthHack: Tech is making it easier than ever to reach your fitness goals, from wearable devices to nutrition apps, this newsletter does the research for you, get all the latest health tech gadgets delivered to your inbox.

  • Crypto Nutshell: A well written and beautifully designed newsletter giving you the lowdown on crypto and web3, highly recommend if interested to get up to date info on the crypto/web3 market.

  • ???? Big Brain: Trending AI news, jobs and tools delivered in 3 minutes per day.

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles