Security News > 2025 > February > North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
2025-02-12 10:43
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. "To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds rapport with a target before sending a
News URL
https://thehackernews.com/2025/02/north-korean-hackers-exploit-powershell.html
Related news
- North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- DPRK hackers dupe targets into typing PowerShell commands as admin (source)