A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang’s geopolitical interests since 2018. Google-owned Mandiant, which is tracking the activity cluster under the moniker APT43, said the group’s motives are both espionage- and financially-motivated, leveraging techniques like credential harvesting and […]
As part of the campaign, victims were lured to a VPN application claiming to provide access to Bahaʼi religious resources that are banned in Iran. The application contains highly sophisticated spyware designed to collect all types of data from devices, including call logs and contact lists, and to track victims’ activities. The malware, named SandStrike, […]
A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a report shared with The Hacker News. The dropper “is being used to install […]
Latest Comments