lazarusholicMar 26, 2024
"Malware Disguised as Installer from Korean Public Institution (Kimsuky Group)" published by Ahnlab. #Kimsuky, #Endoor, #Nikidoor, #AsungSoft, #CTI, #OSINT, #LAZARUS https://asec.ahnlab.com/en/63396/
Malware Disguised as Installer from Korean Public Institution (Kimsuky Group) - ASEC BLOG

AhnLab Security Emergency response Center

ASEC BLOG
Not SimonMar 26, 2024

ASEC reports that the North Korean state-sponsored APT Kimsuky distributed malware disguised as an installer from a Korean public institution. In one case, the dropper leads to Endoor backdoor, and in the second case, the C2 was historically linked to Nikidoor backdoor. IOC provided. 🔗 https://asec.ahnlab.com/en/63396/

#NorthKorea #cyberespionage #threatintel #IOC #Kimsuky #Endoor #Nikidoor

Malware Disguised as Installer from Korean Public Institution (Kimsuky Group) - ASEC BLOG

AhnLab Security Emergency response Center

ASEC BLOG
lazarusholicMar 19, 2024
"국내 공공기관의 설치 파일을 위장한 악성코드 (Kimsuky 그룹)" published by Ahnlab. #Kimsuky, #Endoor, #Nikidoor, #AsungSoft, #CTI, #OSINT, #LAZARUS https://asec.ahnlab.com/ko/62117/
국내 공공기관의 설치 파일을 위장한 악성코드 (Kimsuky 그룹) - ASEC BLOG

AhnLab Security Emergency response Center

ASEC BLOG