North Korean hackers adopt complex methods to hide malware from analysts: Report
Technique to verify victim identities makes it harder for researchers to access payloads and develop countermeasures
A notorious North Korean hacking syndicate has adopted sophisticated techniques to ensure it deploys malware only against intended targets, making it harder for authorities to get their hands on the group’s malware and analyze it, according to security researchers Thursday.
Seongsu Park, a malware analyst at cybersecurity firm Kaspersky, relayed the findings in a new report detailing the inner workings of the command and control (C2) servers behind the DPRK-backed Kimsuky’s Gold Dragon malware cluster.
According to Park, Kimsuky’s latest innovation is the adoption of “victim verification” techniques in some C2 servers