State-Sponsored Remote Wipe Tactics Targeting Android Devices

Android is much more dangerous than iOS in Web3 🙂

  • Emergence of an Android remote data-wipe attack exploiting Google’s asset-tracking feature, Find Hub.
  • Identified as a follow-up attack of the KONNI APT campaign, which had operated covertly for nearly a year.
  • Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs.
  • Malicious files were delivered through the KakaoTalk messenger, leveraging impersonation of acquaintances to conduct trust-based attacks.
  • Strengthening real-time behavior-based detection and IOC-linked monitoring through EDR solutions is strongly recommended.

U.S. Sanctions DPRK Crypto Laundering Network: Multiple Bank Staff and Financial Institutions Affected

On November 4, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a new round of sanctions targeting multiple North Korean bankers and financial institutions. The action freezes all assets of eight individuals and two entities within the United States or under U.S. jurisdiction. These individuals and entities are accused of raising funds for the North Korean regime through cybercrime, information technology (IT) labor fraud, and other illicit activities, with the proceeds supporting the country’s nuclear and ballistic missile programs.
