lazarusholic

Stonefly: North Korea-linked Spying Operation Continues to Hit High-value Targets

2022-04-27, Symantec
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/stonefly-north-korea-espionage
#Stonefly

Contents

Espionage group focuses on obtaining classified or sensitive intellectual property that has civilian and military applications.
The North Korean-linked Stonefly group is continuing to mount espionage attacks against highly specialized engineering companies with a likely goal of obtaining sensitive intellectual property.
Stonefly specializes in highly selective attacks against targets that could yield intelligence to assist strategically important sectors such as energy, aerospace, and military equipment. Virtually all of the technologies it appears to be interested in have military as well as civilian uses, and some could have applications in the development of advanced weaponry.
History of ambitious attacks
Stonefly (aka DarkSeoul, BlackMine, Operation Troy, and Silent Chollima) first came to notice in July 2009, when it mounted distributed denial-of-service (DDoS) attacks against a number of South Korean, U.S. government, and financial websites.
It reappeared in 2011, when it launched more DDoS attacks, but …

IoC
