Security Affairs reports that North Korean state-sponsored cyberespionage operation Kimsuky, also known as APT43, Springtail, Black Banshee, Velvet Chollima, Thallium, and ARCHIPELAGO, has been targeting South Korean entities with the new Gomir Linux backdoor.
Both Gomir and the GoBear Windows backdoor enabled support for nearly similar commands, with the latter also associated with the Troll Stealer malware due to their shared legitimate certificate signature, as well as the BetaSeed malware previously used by Kimsuky, according to a report from Symantec. Such a development indicates the growing focus of Kimsuky and other North Korean threat actors toward the use of software updates and installation packages as initial vectors for compromise.
Kimsuky… “has focused on Trojanized software installers hosted on third-party sites requiring their installation or masquerading as official apps. The software targeted appears to have been carefully chosen to maximize the chances of infecting its intended South Korean-based targets,” said researchers.
Steve ZurierMay 20, 2024
The large health administrative services provider says while Social Security numbers may have been stolen, the breach did not impact financial or healthcare data.
SC StaffMay 20, 2024
More phishing campaigns have been leveraging the Latrodectus malware loader since March, with the loader updated with more extensive enumeration and execution capabilities, as well as self-delete functionality, according to The Hacker News.
SC StaffMay 20, 2024
Cryptojacking operation Kinsing, also known as H2Miner, had its botnet strengthened with the addition of new security vulnerabilities, reports The Hacker News.
ChicagoVPS is your gateway to unparalleled hosting solutions. Our state-of-the-art datacenters and powerful network ensures lightning-fast speeds and uninterrupted connectivity for your websites and applications. Whether you’re a startup looking for scalable resources or an enterprise in need of enterprise-grade hosting, our range of plans and customizable solutions guarantee a perfect fit. Trust in ChicagoVPS to deliver excellence, combining unmatched reliability and top-tier support.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@chicagovps.net.
