Not Simon

ASEC reports that the North Korean state-sponsored APT Kimsuky distributed malware disguised as an installer from a Korean public institution. In one case, the dropper leads to Endoor backdoor, and in the second case, the C2 was historically linked to Nikidoor backdoor. IOC provided. 🔗 https://asec.ahnlab.com/en/63396/

#NorthKorea #cyberespionage #threatintel #IOC #Kimsuky #Endoor #Nikidoor

Malware Disguised as Installer from Korean Public Institution (Kimsuky Group) - ASEC BLOG

AhnLab Security Emergency response Center

ASEC BLOG
Mar 26, 2024 at 2:49amWeb