{"id":36336,"date":"2020-07-28T14:40:17","date_gmt":"2020-07-28T14:40:17","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31436\/Kaspersky-North-Korean-Hackers-Are-Behind-The-VHD-Ransomware.html"},"modified":"2020-07-28T14:40:17","modified_gmt":"2020-07-28T14:40:17","slug":"kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/","title":{"rendered":"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware"},"content":{"rendered":"<figure class=\"image image-original shortcode-image\"><span class=\"img aspect-set \"><img decoding=\"async\" src=\"https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2020\/04\/15\/056a0dce-47a4-4dc6-955e-4a411dc2fb9f\/north-korea.png\" class alt=\"North Korea\"><\/span><figcaption><span class=\"caption\"><\/span><\/figcaption><\/figure>\n<p>Antivirus maker Kaspersky said in a report today that hackers associated with the North Korean regime are behind a new ransomware strain known as VHD.<\/p>\n<p>The report details two incidents to which Kaspersky was privy, where intruders gained access to companies&#8217; networks and deployed the VHD ransomware.<\/p>\n<p>Kaspersky experts say that tools and techniques used during the two intrusions link the attackers to Lazarus Group &#8212; a generic name given to hackers working for the Pyongyang regime.<\/p>\n<p>This included:<\/p>\n<ul>\n<li>the use of the <a href=\"https:\/\/securelist.com\/mata-multi-platform-targeted-malware-framework\/97746\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">MATA (Dacls) malware framework<\/a> to deploy VHD as a final payload<\/li>\n<li>the use of techniques to move across a victim&#8217;s internal network that were previously observed in past Lazarus campaigns<\/li>\n<\/ul>\n<p>&#8220;The data we have at our disposal tends to indicate that the VHD ransomware is not a commercial off-the-shelf product; and as far as we know, the Lazarus group is the sole owner of the MATA framework. Hence, we conclude that the VHD ransomware is also owned and operated by Lazarus,&#8221; <a href=\"https:\/\/securelist.com\/lazarus-on-the-hunt-for-big-game\/97757\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Kaspersky researchers said today<\/a>.<\/p>\n<h3>Fits in the bigger picture<\/h3>\n<p>What Kaspersky has discovered here fits in the bigger picture of the North Korean hacking landscape.<\/p>\n<p>Based on numerous previous reports published over the past four years, North Korean hackers are usually divided into two categories &#8212; (1) those who engage in cyber-espionage for intelligence purposes, and (2) those who engage in financial crime to raise funds for the Pyongyang government (which funds the US Treasury believes are <a href=\"https:\/\/www.zdnet.com\/article\/us-treasury-sanctions-three-north-korean-hacking-groups\/\" target=\"_blank\" rel=\"noopener noreferrer\">used to support the country&#8217;s weapons and missile programs<\/a>).<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>The VHD attacks are, without a doubt, the work of the second group, which seeks to extort money from hacked organizations.<\/p>\n<p>Some of this group&#8217;s other money-raising activities included hacking banks, <a href=\"https:\/\/www.zdnet.com\/article\/us-treasury-sanctions-two-chinese-nationals-for-laundering-cryptocurrency-for-north-korean-hackers\/\" target=\"_blank\" rel=\"noopener noreferrer\">stealing funds from cryptocurrency exchanges<\/a>, orchestrating ATM cashouts, running crypto-mining botnets, and even <a href=\"https:\/\/www.zdnet.com\/article\/north-korean-hackers-linked-to-web-skimming-magecart-attacks-report-says\/\" target=\"_blank\" rel=\"noopener noreferrer\">engaging in web skimming (Magecart) attacks<\/a> to steal payment card data and resell it on carding forums.<\/p>\n<p>Other activities also include Lazarus hackers breaking into company networks, stealing data, and then <a href=\"https:\/\/www.zdnet.com\/article\/us-offers-5-million-reward-for-information-on-north-korean-hackers\/\" target=\"_blank\" rel=\"noopener noreferrer\">asking victims for a ransom<\/a> not to publish their data online.<\/p>\n<p>Seeing North Korean hackers engage in ransomware attacks is not surprising, since ransomware attacks are some of today&#8217;s most profitable cybercrime operations.<\/p>\n<p>It is the hackers&#8217; first foray into the scene. Western intelligence agencies have <a href=\"https:\/\/www.zdnet.com\/article\/how-us-authorities-tracked-down-the-north-korean-hacker-behind-wannacry\/\" target=\"_blank\" rel=\"noopener noreferrer\">accused North Korea of creating and losing control of the WannaCry ransomware<\/a> that spread virulently across the globe in May 2017.<\/p>\n<p>The difference between VHD and WannaCry is that VHD is better coded and that Lazarus operators appear to only deploy it sparingly, on the networks of high-profile companies from where they can demand huge ransoms to decrypt data &#8212; in a tactic that&#8217;s known today as &#8220;big game hunting.&#8221;<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31436\/Kaspersky-North-Korean-Hackers-Are-Behind-The-VHD-Ransomware.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36337,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8827],"class_list":["post-36336","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwarefraudcyberwarkoreacryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Kaspersky: North Korean Hackers Are Behind The VHD Ransomware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-28T14:40:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware\",\"datePublished\":\"2020-07-28T14:40:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/\"},\"wordCount\":455,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png\",\"keywords\":[\"headline,malware,fraud,cyberwar,korea,cryptography\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/\",\"name\":\"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png\",\"datePublished\":\"2020-07-28T14:40:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png\",\"width\":1000,\"height\":500},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,fraud,cyberwar,korea,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwarefraudcyberwarkoreacryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/","og_locale":"en_US","og_type":"article","og_title":"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-07-28T14:40:17+00:00","og_image":[{"width":1000,"height":500,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware","datePublished":"2020-07-28T14:40:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/"},"wordCount":455,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png","keywords":["headline,malware,fraud,cyberwar,korea,cryptography"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/","url":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/","name":"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png","datePublished":"2020-07-28T14:40:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware.png","width":1000,"height":500},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,fraud,cyberwar,korea,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwarefraudcyberwarkoreacryptography\/"},{"@type":"ListItem","position":3,"name":"Kaspersky: North Korean Hackers Are Behind The VHD Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36336","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36336"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36336\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36337"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36336"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36336"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36336"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}