
Comic Sans and Cybercrime: Inside North Korea’s Global Cyber Playbook
Hello to all our Cyber Pals! In this episode of Discarded, host Selena Larson and co-host Sara Sobotka are joined by Saher Naumaan and Greg Lesnewich, teammates on the espionage threat research team at Proofpoint, to unravel the multifaceted—and often bizarre—world of North Korean cyber operations.
The team explores:
- What sets DPRK’s threat actors apart from other nation-state groups
- A closer look at North Korea’s cyber and physical support for Russia in Ukraine
- How cyber activity plays a central role in North Korea’s national strategy—not just a supporting one
- The phishing-heavy tactics of groups like TA427 (“Old Reliable”) and the emergence of oddball clusters like “Contagious Interview” and “UNK RageQuit”
- How North Korean actors blur the lines between espionage and financially motivated cybercrime
- The murky world of North Korean IT workers infiltrating global tech companies under false identities—raising critical questions about workplace exposure, ethics, and potential defections
- The surprising ways some of these operatives sabotage themselves, including infections with common malware that expose their digital behavior
- And yes, a Microsoft spoofing campaign actually using Comic Sans
North Korean cyber activity is evolving fast, and the team explains why it deserves far more attention than it gets.
Resources Mentioned:
https://www.proofpoint.com/us/blog/threat-insight/ta406-pivots-front
https://spycloud.com/blog/spycloud-march-cybercrime-update/
For more information about Proofpoint, check out our website.
Subscribe & Follow:
Stay ahead of emerging threats, and subscribe! Happy hunting!