Identifying North Korean State-Sponsored Threat Actors Through Malware Analysis and OSINT

Explore a 35-minute conference talk from DEF CON 31's Recon Village that chronicles a 100-day investigation into identifying a North Korean state-sponsored threat actor. Follow along as a hacker and journalist uncover how an initially perceived homemade malware sample revealed itself to be a sophisticated nation-state backed threat. Dive deep into technical malware analysis, C2 infrastructure examination, and the application of open-source intelligence (OSINT) and Cyber Threat Intelligence (CTI) methodologies for threat actor profiling. Learn from interviews with government agencies, security forces, and private intelligence companies that provide comprehensive insights into North Korean cyber operations. Suitable for both entry-level cybersecurity enthusiasts and experienced intelligence analysts and threat hunters, gain valuable insights into the process of uncovering and analyzing state-sponsored cyber threats.