North Korean Hackers Use Russian IP Infrastructure

North Korean hackers, specifically those associated with the Void Dokkaebi intrusion set, are utilizing Russian IP addresses to carry out cybercrime activities. These activities include social engineering, malware deployment, and cryptocurrency theft, with the stolen funds supporting the North Korean regime and its weapons development. The FBI seized the domain of a front company used by the hackers, BlockNovas, as part of an international crackdown on North Korean cyberactors.