The North Korean spy agency Kimsuky has been using a piece of custom malware called RandomQuery to target organizations supporting human rights and defectors.
According to the cybersecurity firm, this campaign also demonstrates the group’s consistent approach of delivering malware through CHM files.
Similar malware by other North Korean actors has also been observed.
ScarCruft, another North Korean nation state actor, also uses Chm files to lure and monitor their movement.
These incidents underscore the ever-changing landscape of North Korean threat groups, whose remit not only encompasses political espionage but also sabotage and financial threats.
Researchers warn that malicious code can be found in many different types of N.G.R.P.E.A.S.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply