Temp.Hermit: North Korean Malware Spread Through Fake Jobs

A North Korean cyber espionage group is using phishing campaigns to target employees in the US aerospace and energy sectors. North Korean APT groups have been active for many years and continue to pose a threat to global cybersecurity. Temp.Hermit (aka UNC2970) is thought to be connected to the Lazarus Group and has been active since 2022 performing phishing activities aimed at employees working in the US technology sector.

However, in 2024, they are seen posing as recruiters from well-known companies in the aerospace and energy sectors and sending out job postings laced with malware. The latest wave of attacks includes realistic profiles based on real people and real companies and improved malware.

Key Judgment 1.  North Korea is highly likely to continue espionage operations with the purpose of stealing sensitive information and gathering intelligence on US critical infrastructure.

Key Judgment 2. The scope of Temp.Hermit targets will likely expand to other sectors of US critical infrastructure and defence. 

Key Judgment 3. The sophistication of the Temp.Hermit techniques will likely continue to evolve and become harder to detect. 

Rest of this post is for paying members only

Already have an account?  Log in

Free Plan
Free
Secret Plan
$14.99
/ month
Recommended
Top Secret Plan
$39.99
/ month
Free Plan
Free
Secret Plan
$14.99
/ month
Recommended
Top Secret Plan
$39.99
/ month
Table of Contents

Related Content

Shadow Fleet: Russia’s Sanction Dodging Oil Tankers

Location:_ Eurasia, Europe

Flax Typhoon: Chinese Cyber Espionage Botnet in Taiwan

Location:_ Far East

Cyber Sabotage in Poland: Russia and Belarus Team Up

Location:_ Europe

Operation Crimson Palace: Chinese Cyber Espionage in Southeast Asia

Battle of Culiacán: Mayo and Chapo CQB

Location:_ Latin America

Tren de Aragua (TDA): Venezuelan gang activity in the United States

Location:_ North America

Stay in the loop

Get a free weekly email that makes reading intel articles and reports actually enjoyable.

Log in

Stay in the loop

Get a free weekly email that makes reading Intelligence Reports and Articles actually enjoyable.

Table of Contents

Contact

Contact

"*" indicates required fields

This field is for validation purposes and should be left unchanged.