Researchers discover watering hole attack targeting pro-North Korea individuals
Latest cyberattack fits threat actor Earth Kitsune’s history of targeting North Korea-related websites and individuals
A hacking group known to target DPRK watchers compromised a “pro-North Korea” website late last year to distribute malware to visitors, security researchers say, though it’s unclear whether the attackers have links to Pyongyang.
According to a Trend Micro report published Friday, a group dubbed Earth Kitsune modified the website of an unspecified pro-North Korean organization to display an error message that prompts visitors to download a trojanized installer to watch videos on the site.
This installer in turn loads a backdoor that can perform various functions including deleting, listing, downloading and uploading files
- 01North Korea’s new silo-based missile raises risk of prompt preemptive strikes
- 02Why normalizing US-North Korea relations is a prerequisite for denuclearization
- 03North Korean planes active at Pyongyang airport hours after runway missile test
- 04North Korea using US-ROK drills as cover to carry out missile tests, experts say
- 05State media review: North Korea says rusty American bombs threaten capital
- 06Why the US might not actually try to shoot down a North Korean ICBM over Pacific
- 07Huge swath of Pyongyang under construction after state mobilized young people
- 08How North Korea’s submarine-launched cruise missiles ratchet up risk of conflict