North Korean Hackers Breach Top Russian Missile Manufacturers

Hackers linked to North Korea have breached the computer network of the top Russian missile manufacturer, NPO Mashinostroyeniya.

This report was shared by the researcher on SentinelLas in which they mentioned this breach, which is traced back to North Korean hackers that the researchers call ScarCruft and Lazarus. Hidden digital backdoors were secretly inserted into the systems at NPO Mashinostroyeniya by cyber-espionage teams associated with the North Korean government.

The hackers placed a Windows backdoor named ‘OpenCarrot’ for remote access to the network. The main objective of the breach is still unclear yet. 

While the Lazarus Group and ScarCruft (also known as APT37) are both connected to North Korea, it’s important to note that the former is governed by the Ministry of State Security (MSS). The Reconnaissance General Bureau (RGB), the nation’s main foreign intelligence agency, is a component of Lab 110, which includes the Lazarus Group.

According to missile experts, the targeted company, NPO Mash, has played an integral part in the development of hypersonic missiles, satellite technologies, and newer generation ballistic armaments, all three of which are of great interest to North Korea given its mission to develop an intercontinental ballistic missile (ICBM) that can strike the United State’s continental territory.

As per SentinelLabs, the attack backed by the two state-wise recognized hacking indicates the interest and strategy of the North Korean state that controls both.