News North Korean hackers spread malware through fake updates for network routersWhile malware not new, disguising it as a router update is a first for Kimsuky, researchers say The North Korean hacking syndicate Kimsuky has spread malware disguised as an update for routers common in South Korea, security researchers have found, marking an evolution from the group’s usual document-based lures. The new technique discovered on May 26 appears to distribute the so-called AppleSeed malware, a backdoor commonly associated with Kimsuky, according to South Korean security firm AhnLabs. Seongsu Park, a malware analyst with security firm Kaspersky, told NK Pro that AppleSeed has been seen in past Kimsuky campaigns and is capable of executing commands on a victim’s machine from a command and © Korea Risk Group. All rights reserved. |