Antivirus updates exploited for GuptiMiner malware deployment

Intrusions hijacking the eScan antivirus software's updating mechanism have been conducted by threat actors suspected to be linked to North Korean advanced persistent threat operation Kimsuky to facilitate the delivery of the sophisticated GuptiMiner malware that would then distribute cryptocurrency mining payloads, according to BleepingComputer.

advanced advanced persistent threat antivirus antivirus software antivirus updates bleepingcomputer cryptocurrency cryptocurrency mining delivery deployment exploited guptiminer hijacking kimsuky malware mechanism mining network security north north korean payloads persistent persistent threat software threat threat actors threat intelligence updates