top of page

Elite North Korean Hackers Breach Russian Missile Developer Networks

An elite North Korean hacking group infiltrated the networks of a major Russian missile design firm for months, potentially gaining access to cutting-edge weapons tech.

North Korean leader Kim Jong Un and Russia's Defense Minister Sergei Shoigu
Credits: REUTERS

Reuters can reveal that North Korean state-sponsored hacking units secretly installed malware in the systems of NPO Mashinostroyeniya, a rocket design bureau near Moscow. The breach lasted around five months in 2021 before being detected in May 2022.

It is unclear if any data was stolen, but Pyongyang announced new developments in its banned ballistic missile programme afterwards. Experts say the hack shows North Korea's willingness to target even its allies to acquire critical technologies.

Emails Compromised in Cyber Espionage Campaign

The hackers were able to monitor email communications on the network, moving between systems and extracting data. Their stealthy digital backdoors evaded detection for months.

US cyber firm SentinelOne first discovered the hack, finding NPO Mash data accidentally leaked online by an employee investigating the breach. The information allowed unique insight into a major state defence contractor normally shrouded in secrecy.

Independent experts verified the exposed data as authentic after checks against NPO Mash's cryptographic signatures. Analysts are confident the Lazarus and ScarCruft hacking groups linked to North Korea were responsible, identifying their previous malware and infrastructure.

Missile Developer Key Target for Rogue State

NPO Mash pioneered hypersonic missiles, satellites and next-gen ballistic weapons - key areas of interest for North Korea's banned ICBM programme. The company grew prominent supplying the Soviet space effort and cruise missiles during the Cold War.

While accessing designs may not immediately give Pyongyang the same capabilities, NPO Mash would be a valuable source of intelligence. Particularly regarding fuel and manufacturing techniques for solid-propellant missiles prized for rapid deployment.

Analysts say more could be learned from NPO Mash's processes than just blueprints. But reverse engineering the firm's advanced missiles remains the realm of "movie stuff".

  • Elite North Korean hackers breached major Russian missile developer NPO Mash

  • Accessed systems for around 5 months in 2021 before detection in May 2022

  • Unclear if data stolen, but aligned with North Korean ICBM interests

  • NPO Mash works on hypersonic missiles, satellites, next-gen ballistics


As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at  Your input will be important in ensuring that our articles are accurate for all of our readers.

bottom of page