According to a report released on December 11, hackers who have support from the North Korean government has begun to rent tools and access to hacked networks from the cyber TrickBot gang.
The discovery came after years of research, at the course of which is concluded that the boundaries between the ordinary cyber crime and one that governments support are slowly being deleted, and the topic came into focus in 2017 when it was first noticed that the GameOver Zeus network of bots helps Russian intelligence officers get to sensitive documentation.
That way, the intelligence services have been associated with hacker organizations. For years, instead of developing their own tools, they adopt those who already sold online.
The report was released by security firm SentinelOne, discovering new links between the hacker group Lazarus from North Korea and the TrickBot network, because Korean hackers have begun to pay for access to infected networks and the tool collection, which got its name Anchor, and which provides completely new malware attack chains.
At first look, Anchor looks like a module that TrickBot hackers developed for those who are interested in economics espionage and some of the attacks of the Lazarus group are already related to this module, so this practice could be continue in the future.