North Korean hackers spread malware through fake updates for network routers
While malware not new, disguising it as a router update is a first for Kimsuky, researchers say
The North Korean hacking syndicate Kimsuky has spread malware disguised as an update for routers common in South Korea, security researchers have found, marking an evolution from the group’s usual document-based lures.
The new technique, discovered on May 26, appears to distribute the so-called AppleSeed malware, a backdoor commonly associated with Kimsuky, according to South Korean security firm AhnLab.
Seongsu Park, a malware analyst with security firm Kaspersky, told NK Pro that AppleSeed has been seen in past Kimsuky campaigns and is capable of executing commands on a victim’s machine from a command and