Security News > 2022 > April > Nation-state Hackers Target Journalists with Goldbackdoor Malware
Sophisticated hackers believed to be tied to the North Korean government are actively targeting journalists with novel malware dubbed Goldbackdoor.
"The Goldbackdoor malware shares strong technical overlaps with the Bluelight malware," researchers wrote.
As Stairwell researchers noted, journalists are "High-value targets for hostile governments," and often the target of cyber-espionage attacks.
The current campaign saga unfolded beginning March 18, when NK News shared "Multiple malicious artifacts with the Stairwell threat research team from a spear-phishing campaign targeting journalists who specialize in the DPRK," researchers wrote.
Goldbackdoor is a multi-stage malware that separates the first stage tooling and the final payload, which allows the threat actor to halt deployment after initial targets are infected, researchers said.
Goldbackdoor is a sophisticated malware that researchers broke down into two stages.
News URL
https://threatpost.com/hackers-target-journalists-goldbackdoor/179389/
Related news
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- Hacker infects 18,000 "script kiddies" with fake malware builder (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)