Security News > 2025 > February > North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
2025-02-12 10:43
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. "To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds rapport with a target before sending a
News URL
https://thehackernews.com/2025/02/north-korean-hackers-exploit-powershell.html
Related news
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- OpenAI bans ChatGPT accounts used by North Korean hackers (source)
- North Korean Hackers Steal $1.5B in Cryptocurrency (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- North Korean Lazarus hackers infect hundreds via npm packages (source)