Web: https://malware.news/t/kimsuky-group-appears-to-be-exploiting-onenote-like-the-cybercrime-group/67959

March 17, 2023, 12:16 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news


Last Modified: Mar 17, 2023
Photo by Ed Hardie on Unsplash

Executive Summary

  • We have confirmed that the Kimsuky group is distributing malware using a malicious OneNote (.ONE) file, which cybercriminals have widely used.

  • When viewed, the ONE file displays an image of the Institute for Peace and Democracy at Korea University and asks the target to fill out a privacy agreement document in order to pay them for participating in a survey. …

cybercrime exploiting kimsuky malware analysis onenote

Snr Security Engineer (cloud)

@ Verisk | Málaga, Spain

Cybersecurity Analyst

@ Visa | Bengaluru, India

Information Security Engineer

@ ServiceNow | Orlando, FL, United States

Director of Cloud Security - 100% US REMOTE

@ Experian | Allen, TX, United States

Azure DevSecOps - Solution Architect

@ Citizant | Chantilly, VA, United States

Cybersecurity Champion

@ NielsenIQ | Chicago, IL, United States

Senior Information Security Analyst

@ QAD, Inc. | Wroclaw, Poland

VP, Information Security

@ TrueAccord | Remote

DevSecOps Engineer- (100%) ( w/m/d) - Valbonne - Hybrid Work

@ SMG Swiss Marketplace Group | Valbonne, France

Information Security Director - Attack Surface Management (100% US REMOTE)

@ Experian | Allen, TX, United States

Director - Cybersecurity and Compliance

@ Visa | Foster City, CA, United States

Senior Threat Analyst | Remote, USA

@ Optiv | Kansas City, MO