North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks

A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy.
The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as

actor attacks community credential credential harvesting crypto cyberattacks cybersecurity cybersecurity community email email attacks hackers industry latest malicious name nation north north korean north korean hackers proofpoint state strategy ta444 targeting threat threat actor turn under verticals