North Korean’s Stonefly Shifts from Espionage to Ransomware, Extortion

October 2, 2024 | North Korean hacking group Stonefly has shifted from espionage to financially motivated attacks, with security experts predicting future ransomware extortion incidents. Symantec’s Threat Hunter Team revealed that Stonefly targeted three U.S. organizations in August. Though ransomware wasn’t deployed, researchers believe these attacks were financially driven.

Stonefly, linked to North Korean military intelligence, has been active since 2009, and this move follows a broader trend of state-sponsored groups engaging in ransomware for revenue generation.

[Read the full article]

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.