Security News > 2025 > February > North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
2025-02-06 11:05
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that's disguised as a Microsoft Office or PDF document.
News URL
https://thehackernews.com/2025/02/north-korean-apt-kimsuky-uses-lnk-files.html
Related news
- North Koreans clone open source projects to plant backdoors, steal credentials (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- New Mac Malware Poses as Browser Updates (source)
- New FrigidStealer Malware Targets macOS Users via Fake Browser Updates (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)