all InfoSec news
Malware Disguised as Installer from Korean Public Institution (Kimsuky Group)
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) recently discovered the Kimsuky group distributing malware disguised as an installer from a Korean public institution. The malware in question is a dropper that creates the Endoor backdoor, which was also used in the attack covered in the previous post, “TrollAgent That Infects Systems Upon Security Program Installation Process (Kimsuky Group)”. [1]
While there are no records of the dropper being used in actual attacks, there was an attack case that involved the backdoor created …
ahnlab asec attack backdoor center disguised dropper endoor installer intelligence kimsuky malware malware analysis public question security security intelligence systems trollagent