Information-stealing malware has been deployed by North Korean state-backed hacking group Kimsuky in ongoing attacks against South Korean organizations exploiting Compiled HTML Help files, reports The Hacker News. Intrusions involved the distribution of ISO, RAR, ZIP, or VHD files, which when opened enables VBScript execution and eventual payload retrieval, a report from Rapid7 showed.
Source: SC Magazine