Detailed Analysis of AlphaSeed, a new version of Kimsuky’s AppleSeed written in Golang
May 17, 2023, 12:06 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Author: BLKSMTH | S2W TALON
Last Modified: May 17, 2023
Executive Summary
- Around May 2023, Talon, S2W's threat research and intelligence center, hunted a sample on VirusTotal that is presumed to be new malware from the Kimsuky group and analyzed it.
- The hunted malware has the Cookie values required for Naver login embedded in it, and performs the login with ChromeDP, a client program that supports use of the Chrome DevTools Protocol.
- S2W Talon named this malware “AlphaSeed” because it contains the path name “E:/Go_Project/src/alpha/naver_crawl_spy/”.
- We … AlphaSeed … the Kimsuky group …