Recent attacks by North Korean state-sponsored hacking group Kimsuky, also known as APT43, Emerald Sleet, and Velvet Chollima, have involved the novel Go-based Troll Stealer and GoBear malware strains, The Hacker News reports. Kimsuky leveraged a malicious dropper file impersonating a security program installer from South Korean firm SGA Solutions to facilitate the deployment of Troll Stealer, which exfiltrates SSH, browser, and system information, a report from S2W revealed.
Source: SC Magazine