The North Korean hacker organization Kimsuky has employed a new malware named “Durian” in targeted cyber attacks against at least two South Korean cryptocurrency companies, according to a report by cybersecurity firm Kaspersky. The malware, a multifunctional backdoor, was distributed by exploiting legitimate security software specific to South Korean crypto firms and allows for command execution, file downloads, and data exfiltration. Its deployment indicates a potential link between Kimsuky and the infamous Lazarus Group, another North Korean hacking entity, suggesting collaboration within North Korea’s cyber-espionage landscape targeting the cryptocurrency sector.
North Korean Hacker Group Targets South Korean Crypto Firms With New 'Durian' Malware
This article was published more than a year ago. Some information may no longer be current.














