A new threat actor known as #LilacSquid is using several different pieces of #malware to silently infiltrate networks and steal sensitive data. Read more about this group and the TTPs they share with some North Korean state-sponsored actors https://blog.talosintelligence.com/lilacsquid/
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, that we attribute to an advanced persistent threat actor (APT) we’re calling “LilacSquid.” Multiple TTPs utilized in this campaign bear some overlap with North Korean APT groups.
