Security News > 2025 > February > North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
2025-02-06 11:05
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that's disguised as a Microsoft Office or PDF document.
News URL
https://thehackernews.com/2025/02/north-korean-apt-kimsuky-uses-lnk-files.html
Related news
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)
- China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)