North Korean hackers spread malware through fake updates for network routers



News North Korean hackers spread malware through fake updates for network routers While malware not new, disguising it as a router update is a first for Kimsuky, researchers say Ethan Jewell June 1, 2022 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON Data cables in a network device \| Image: Pixabay The North Korean hacking syndicate Kimsuky has spread malware disguised as an update for routers common in South Korea, security researchers have found, marking an evolution from the group’s usual document-based lures. The new technique discovered on May 26 appears to distribute the so-called AppleSeed malware, a backdoor commonly associated with Kimsuky, according to South Korean security firm AhnLabs. Seongsu Park, a malware analyst with security firm Kaspersky, told NK Pro that AppleSeed has been seen in past Kimsuky campaigns and is capable of executing commands on a victim’s machine from a command and Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump. 02All the question marks hanging over Trump’s approach to North Korea in term two 03Time almost up for North Korea’s plan to launch 3 military satellites in 2024 04Trump return rekindles prospects of North Korea talks, but Russia stands in way 05How China could benefit from North Korea’s troop deployment to Ukraine 06New North Korean ICBM delivers big political message, and likely bigger payloads 07How North Korea-Russia ties will challenge next US president, no matter who wins 08What to make of the stunning collapse in value of North Korean won

News

North Korean hackers spread malware through fake updates for network routers

While malware not new, disguising it as a router update is a first for Kimsuky, researchers say

Ethan Jewell June 1, 2022

North Korean hackers spread malware through fake updates for network routers

Data cables in a network device | Image: Pixabay

The North Korean hacking syndicate Kimsuky has spread malware disguised as an update for routers common in South Korea, security researchers have found, marking an evolution from the group’s usual document-based lures.

The new technique discovered on May 26 appears to distribute the so-called AppleSeed malware, a backdoor commonly associated with Kimsuky, according to South Korean security firm AhnLabs.

Seongsu Park, a malware analyst with security firm Kaspersky, told NK Pro that AppleSeed has been seen in past Kimsuky campaigns and is capable of executing commands on a victim’s machine from a command and

01Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump.
02All the question marks hanging over Trump’s approach to North Korea in term two
03Time almost up for North Korea’s plan to launch 3 military satellites in 2024
04Trump return rekindles prospects of North Korea talks, but Russia stands in way
05How China could benefit from North Korea’s troop deployment to Ukraine
06New North Korean ICBM delivers big political message, and likely bigger payloads
07How North Korea-Russia ties will challenge next US president, no matter who wins
08What to make of the stunning collapse in value of North Korean won

North Korean hackers spread malware through fake updates for network routers

LATEST ANALYSIS

Similar Articles

About the Author

Ethan Jewell