Novel Go-based malware strains used in Kimsuky attacks

9 February 2024

Recent attacks by North Korean state-sponsored hacking group Kimsuky, also known as APT43, Emerald Sleet, and Velvet Chollima, have involved the novel Go-based Troll Stealer and GoBear malware strains, The Hacker News reports. Kimsuky leveraged a malicious dropper file impersonating a security program installer from South Korean firm SGA Solutions to facilitate the deployment of Troll Stealer, which exfiltrates SSH, browser, and system information, a report from S2W revealed.

Source: SC Magazine

Date:

9 February 2024

Categorie(s):

NEWS

Tag(s):

IT, Kimsuky, News, Novel

Why cloud vulnerabilities need CVEs1 May 2024
Making cybersecurity more appealing to women, closing the skills gap1 May 2024
Cybersecurity jobs available right now: May 1, 20241 May 2024
How to Utilize Azure Logs to Identify Threats: Insights From Microsoft1 May 2024
Building a strong cloud security posture1 May 2024