North Korean hackers target defectors and journalists with new recon malware
Kimsuky threat group’s campaign seeks to collect information for ‘subsequent precision attacks,’ researchers say
North Korean hackers are using a new malware variant to attack human rights activists, defector organizations and journalists, according to an NK Pro investigation with cybersecurity researchers at SentinelLabs.
The ongoing malware campaign attempts to collect information about the hardware, software and files on targeted computers to prepare for “subsequent precision attacks,” the researchers explain in a report published on Tuesday.
“Based on the infrastructure used, malware delivery methods and malware implementation, we assess with high confidence that the campaign has been orchestrated by the Kimsuky threat actor.”
An analyst who frequently writes
- 01Timeline: From North Korean satellite launch to Yoon-Kishida summit in Seoul
- 02State media review: North Korea says ‘no reason’ it can’t meet with Japan
- 03North Korea primed for quick rebound after satellite launch failure: Analysis
- 04What to make of conflicting signs about a North Korean border reopening
- 05North Korea hacked an election body. But political interference wasn’t the goal.
- 06Secrecy surrounding North Korea’s upcoming plenum points to big changes afoot
- 07State media review: North Korea provides a front-row seat to anti-Yoon protests
- 08By linking radars, ROK and Japan reduce blind spots around North Korean missiles