Temp.Hermit: North Korean Malware Spread Through Fake Jobs

A North Korean cyber espionage group is using phishing campaigns to target employees in the US aerospace and energy sectors. North Korean APT groups have been active for many years and continue to pose a threat to global cybersecurity. Temp.Hermit (aka UNC2970) is thought to be connected to the Lazarus Group and has been active since 2022 performing phishing activities aimed at employees working in the US technology sector.

In 2024, however, the group has been seen posing as recruiters from well-known companies in the aerospace and energy sectors and sending out job postings laced with malware. The latest wave of attacks features realistic profiles based on real people and real companies, as well as improved malware.

Key Judgment 1. North Korea is highly likely to continue espionage operations with the purpose of stealing sensitive information and gathering intelligence on US critical infrastructure.

Key Judgment 2. The scope of Temp.Hermit targets will likely expand to other sectors of US critical infrastructure and defence.

Key Judgment 3. The sophistication of the Temp.Hermit techniques will likely continue to evolve and become harder to detect.


Allen P.
