Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that's believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets, Bitdefender said in a report shared with The Hacker News. "The investigation revealed a … [Read more...] about Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries
South
N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
Dec 08, 2023NewsroomCyber Espionage / Cryptocurrency The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems. "The threat actor ultimately uses a backdoor to steal information and execute commands," the AhnLab … [Read more...] about N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
Advanced Linux Malware Targeting South Korean Systems
Aug 05, 2023THNLinux / Malware Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center … [Read more...] about Advanced Linux Malware Targeting South Korean Systems
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Mar 23, 2023Ravie LakshmananCyber Attack / Browser Security German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users' Gmail inboxes. The joint advisory comes from Germany's domestic intelligence apparatus, the Federal Office for the Protection of the Constitution … [Read more...] about German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Feb 17, 2023Ravie LakshmananMobile Security / Cyber Threat Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the "ability to read and … [Read more...] about Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
North Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean Targets
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor [...] has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and … [Read more...] about North Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean Targets
Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia
An espionage-focused threat actor known for targeting China, Pakistan, and Saudi Arabia has expanded to set its sights on Bangladeshi government organizations as part of an ongoing campaign that commenced in August 2021. Cybersecurity firm Cisco Talos attributed the activity with moderate confidence to a hacking group dubbed the Bitter APT based on overlaps in the … [Read more...] about Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia
Researchers Discover PhoneSpy Malware Spying on South Korean Citizens
An ongoing mobile spyware campaign has been uncovered snooping on South Korean residents using a family of 23 malicious Android apps to siphon sensitive information and gain remote control of the devices. "With more than a thousand South Korean victims, the malicious group behind this invasive campaign has had access to all the data, communications, and services on their … [Read more...] about Researchers Discover PhoneSpy Malware Spying on South Korean Citizens
North Korean hackers targeting South Korea with RokRat Trojan
A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 (aka Starcruft, Ricochet Chollima, or Reaper), Malwarebytes said it identified a malicious document last December that, when opened, executes a macro in memory to install the aforementioned remote access … [Read more...] about North Korean hackers targeting South Korea with RokRat Trojan
Trojanized Security Software Hits South Korea Users in Supply-Chain Attack
Cybersecurity researchers took the wraps off a novel supply chain attack in South Korea that abuses legitimate security software and stolen digital certificates to distribute remote administration tools (RATs) on target systems. Attributing the operation to the Lazarus Group, also known as Hidden Cobra, Slovak internet security company ESET said the state-sponsored threat actor … [Read more...] about Trojanized Security Software Hits South Korea Users in Supply-Chain Attack