North Korean State Actors Deploying Novel Malware to Spy on Journalists

  /     /     /  
Publicated : 23/11/2024   Category : security


North Korean State Actors Deploying Novel Malware to Spy on Journalists


Spear-phishing campaign loaded with new Goldbackdoor malware targeted journalists with NK News, analysts found.



New analysis has attributed a spear-phishing campaign targeting journalists covering North Korea to APT37/Ricochet Chollimia, a state-backed group linked to the Democratic Peoples Republic of Korea (DPRK). Notably, researchers said the group is deploying a novel malware strain called Goldbackdoor, a variation of Bluelight malware previously attributed to
APT37
.
According to a report from researchers at Stairwell, multiple phishing emails were sent to NK News on Mar. 18 that appeared to be from the personal email address of the previously compromised former head of of the South Korean National Intelligence Service, and contained
Goldbackdoor malware
. NK News handed over the information to Stairwell for further investigation, the cybersecurity firm said.
Due to the sensitive nature of journalists work, they are often targets of surveillance and malware, intent on stealing information, ferreting out sources or even destroying evidence and scaring the reporters into not publishing stories, Erich Kron, security awareness advocate at KnowBe4, said in response to the news. In regimes like North Korea, where news is tightly controlled by the state, articles or information that paints the leadership or government in a negative light is treated as a serious threat to national security.

Last News

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
North Korean State Actors Deploying Novel Malware to Spy on Journalists