Russian and North Korean cybercrime groups have joined forces and sharing resources, new research suggests.
Experts at cybersecurity firm Gen Digital reported finding an “unprecedented” shared infrastructure between formidable hacking groups linked to Moscow and Pyongyang — Russia’s Gamaredon and North Korea’s Lazarus collective.
The cybercriminals also seem to be sharing tactics, the research found.
It appears hackers in Russia and North Korea are using the same malware programs. NurPhoto via Getty Images
“I don’t recall two countries working together on [Advanced Persistent Threat] attacks,” said Director of Threat Intelligence at Gen Digital Michal Salat.
Never before has there been a level of coordination between the two countries, according to experts.
Gamaredon has links with Russia’s Federal Security Service — the collective has aggressively targeted Ukraine’s government networks since the start of its 2022 invasion. Lazarus based in North Korea, meanwhile, specializes in espionage and financial cybercrime.
The relationship between Russia and North Korea has grown in recent years. KCNA VIA KNS/AFP via Getty Images
Chats transmitted over Telegram channels were accessed, indicating the two groups share servers controlling malware programs, according to the report.
Researchers do admit their findings could simply mean one group is deliberately imitating the other, and note there’s no confirmation the groups have teamed up.
Pyongyang, seen here, and Moscow have been strengthening ties. Getty Images
The relationship between Moscow and Pyongyang has blossomed in recent years, with North Korea sending troops to fight in Ukraine.
Ukrainian authorities also claimed last month North Korean troops were flying drones across the border, and that thousands of North Korean workers were sent to Russia to manufacture drones.
With Post wires