Topline
One North Korean hacking group that posed as fake IT workers accounted for nearly half of all state-sponsored attacks on tech companies, according to an annual report Tuesday from the cybersecurity firm CrowdStrike, as concerns mount about advances in AI.
Key Facts
FAMOUS CHOLLIMA, a North Korean-backed hacking unit, accounted for 47% of all hands-on-keyboard intrusions—cyberattacks in which a human controls and interacts with a system rather than relying solely on malware—targeting tech companies across North America, Europe and Asia between April 2025 and March, CrowdStrike reported.
The group carried out “extensive” operations targeting remote software developer roles, after which they deployed malware and stole cryptocurrency from blockchain developers, the report found.
Hackers benefited from a surge in remote positions in recent years and a North Korean education system that produces a “substantial pool” of skilled IT workers, CrowdStrike said, noting the jobs they acquired provided salaries that “significantly” exceeded typical earning potential in North Korea.
The U.S. conducted a campaign against FAMOUS CHOLLIMA’s technology and its cryptocurrency operations with 15 other unspecified governments, according to CrowdStrike (U.S. Cyber Command did not immediately respond to a request for comment).
What To Watch For
AI development has accelerated hacking capabilities in “sophistication, scale and speed,” which could further shorten the window that companies have to detect and respond to attacks, CrowdStrike warned. FAMOUS CHOLLIMA relied on AI to “enhance their effectiveness,” the cybersecurity firm said.
Anthropic Prepares For Public Mythos Model
Anthropic will release a public version of its Mythos tool as soon as Tuesday, The Information reported. The company has claimed the model is capable of exploiting security flaws in “every major operating system and web browser” and warned it was too dangerous to release to the public. Some companies received early access to Mythos in April, including Amazon, Apple, Google, Nvidia and Microsoft, among others, Bloomberg reported, as Anthropic called its project an “urgent attempt to put these capabilities to work for defensive purposes.” Anthropic co-founder Jack Clark said at the time the company was talking with the U.S. government about Mythos, adding the company’s position is “the government has to know about this stuff” despite an earlier contract dispute with the Pentagon.
Key Background
The U.S. has targeted North Korean hackers for years, including a recent series of sanctions on hacker groups relying on IT workers. North Korea uses IT workers to generate revenue for ballistic missile programs and its “weapons of mass destruction,” and many of those workers use fake documents, stolen identities and “false personas” to infiltrate companies in the U.S. and worldwide, the Treasury Department said last year.
