#SpyGlace – Xynik

APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

November 27, 2024 by Xynik

November 27, 2024 at 06:28AM APT-C-60, a South Korea-aligned cyber espionage group, targeted a Japanese organization in August 2024 using a job application phishing scheme to deploy the SpyGlace malware. The attack utilized services like Google Drive and Bitbucket, exploiting vulnerabilities in WPS Office, and involved sophisticated methods for executing and distributing the malware. ### … Read more

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor

August 28, 2024 by Xynik

August 28, 2024 at 10:33AM APT-C-60, a threat actor linked to South Korea, has exploited a critical flaw in Kingsoft WPS Office to deploy a backdoor called SpyGlace. This malicious activity targeted Chinese and East Asian users using a one-click exploit in a booby-trapped spreadsheet document. The attack tactic has been active since 2021, aiming … Read more