Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Global Ransomware by China and North Korea

June 26, 2024
Reading Time: 3 mins read
in Alerts
Global Ransomware by China and North Korea

Suspected threat actors from China and North Korea have been identified in a series of ransomware and data encryption attacks targeting government and critical infrastructure sectors worldwide from 2021 to 2023. According to cybersecurity firms SentinelOne and Recorded Future, these activities involve groups like ChamelGang, known for using ransomware such as CatB to target institutions like the All India Institute of Medical Sciences and the Presidency of Brazil. These attacks serve multiple purposes, including financial gain, disruption, and misattribution, blending cyber espionage tactics with ransomware deployment.

The evolution of ransomware as a tool in cyber espionage underscores its role in covering tracks and facilitating strategic objectives for state-sponsored groups. ChamelGang, identified as a China-linked entity, employs various sophisticated tools including BeaconLoader and Cobalt Strike, enhancing their capabilities for reconnaissance and post-exploitation activities. Their operations extend to using custom malware like DoorMe and MGDrive, which also appear in activities associated with other Chinese threat groups.

The report highlights an alarming trend where cyber espionage efforts increasingly incorporate ransomware to achieve diverse strategic goals, ranging from intelligence gathering to sabotaging critical infrastructure. By using ransomware, threat actors can manipulate public perception and attribution, complicating responses from targeted nations. Moreover, the tactics observed mirror those attributed to other known state-sponsored groups like APT41 and Andariel, reinforcing the strategic convergence of cyber espionage and cybercrime in geopolitical contexts.

The global impact of these attacks spans multiple continents, affecting industries across North America, South America, and Europe, with specific targeting of sectors such as manufacturing in the United States. The use of encryption tools like Jetico BestCrypt and Microsoft BitLocker further complicates mitigation efforts, highlighting the sophisticated nature of these state-linked cyber operations.

Reference:

  • China and North Korea State-Sponsored Hackers Tied to Global Ransomware Attacks
Tags: BrazilChamelGangChinaCobalt StrikeCyber AlertsCyber Alerts 2024Cyber RiskCyber threatGovernmentIndiaInstitute of Medical SciencesJune 2024North Korea
ADVERTISEMENT

Related Posts

FreeDrain Phishing Steals Crypto Funds

FBI Warns Cybercriminals Exploit Routers

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

X Scam Targets Crypto Users with Fake Ads

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

FreeDrain Phishing Steals Crypto Funds

May 9, 2025
COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial