- North Korea has created a new IA hacking service
- The new group will be called “Research Center 227”
- North Korea carried out numerous cyber-offensives in 2024, including a false interview campaign
The Democratic People’s Republic of Korea (North Korea) has created the “Center for Research 227” Daily NK.
This research center would have planned to operate “24 hours a day to immediately respond to real-time information from North Korean intelligence agencies.
“At the end of February, the Supreme Commander made an order for the RGB of the General Service to improve the capacities of the information war abroad. This prescription included instructions to establish the research center 227 for hacking technology research ”a source said Daily NK.
Persistent operations
The Research Center is likely to focus on “piracy capacity building” and develop technologies and hacking programs in order to neutralize Western cybersecurity systems and critical infrastructure.
These offensives will mainly aim to steal information and disrupt opponent computer networks.
The center would recruit around 90 IT experts and graduates of high -level and doctorate university programs, confirmed the source;
“These are not cyber warriers who directly carry out information war missions in foreign places, but internal research staff that develop offensive programs. With the creation of the Research Center 227, RGB CYBER operational capacities will be considerably strengthened in the future. ”
The cyber operations in North Korea have been launched more and more lately, in particular of the famous Lazare group, which has been observed to propagate malicious software through various large-scale attacks, and the deployment of infosters to recover the references of Western organizations.
In particular, the North Korean pirates launched the campaign “ Contagieuse interview ” with false interviews or employment advertisements, which encourages victims to download malicious software disguised as video conference software.
This campaign also includes a series of cybercriminals simulating their identity in order to take software work, probably in order to access critical service systems and information from large Western companies, or other fraudulent behaviors.
