North Korea's APT45: From Espionage to Ransomware Extortion
The US Department of Justice has indicted Rim Jong Hyok, a North Korean military operative affiliated with the notorious Andariel hacking group, for orchestrating ransomware attacks on American healthcare facilities and using the ransom payments to fund further cyber intrusions against defense, aerospace, and technology entities globally. Andariel, also tracked as APT45, Onyx Sleet, and SILENT CHOLLIMA, has been conducting cyber espionage campaigns since 2014, primarily targeting the military-industrial complex to steal classified data supporting North Korea's nuclear ambitions. The group employs sophisticated tactics such as exploiting software vulnerabilities, phishing, and deploying custom malware for intelligence gathering and disruption. Authorities have seized cryptocurrency proceeds and offered substantial rewards for information leading to Hyok's arrest, underscoring the persistent threat posed by state-sponsored North Korean hackers.