North Korean hackers drop new malware to steal data from South Korean targets
‘Troll Stealer’ uses valid certificates to pass as legitimate ROK security programs while stealing system information
A North Korean cybercrime group is distributing new malware to steal information from South Korean targets, potentially including administrative and public organizations, according to security researchers.
The threat group Kimsuky disguised its new “infostealer” as a legitimate security program installation file, South Korean cyber threat intelligence company Safe and Secure World (S2W) said in a report Wednesday.
The malware, developed using Go programming language and dubbed “Troll Stealer” by S2W, is designed to steal information from compromised computers before encrypting and sending it to the attackers’ server.
The firm attributed the
- 01How North Korean aggression and the Taiwan election complicate China-DPRK ties
- 02Satellite imagery shows Kim Jong Un’s east coast yacht, missile test activities
- 03State media review: North Korean festivals build up to former leader’s birthday
- 04Survey shows markets reign supreme in the daily lives of North Koreans
- 05What to make of North Korea’s apparent interest in naval nuclear propulsion
- 06How North Korean defectors shape the policies of countries where they settle
- 07Slump in life insurance sector points to unreported COVID deaths in North Korea
- 08State media review: North Korea set to open long-stalled hospital this year