Kimsuky hackers deploy new Linux backdoor in attacks on South Korea

May 16, 2024 at 10:16AM Kimsuky, a North Korean hacker group, has been using trojanized software packages to deliver Gomir, a Linux malware, linked to the Reconnaissance General Bureau. The malware shares similarities with GoBear and allows various operations on the infected system, indicating a sophisticated espionage attack method against South Korean targets.Symantec provided indicators … Read more

Kimsuky hackers deploy new Linux backdoor via trojanized installers

May 16, 2024 at 09:35AM North Korean hacker group Kimsuki, linked to military intelligence, used trojanized software packages to deliver Linux malware Gomir in cyberespionage campaigns against South Korean targets. The malware, a variant of GoBear, exhibits persistent behaviors on Linux machines and supports 17 operations through HTTP POST requests. It’s part of a supply-chain … Read more