SECURITYTHE HACKER NEWS
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
Kimsuky, a North Korean state-sponsored threat actor, has launched cyber attacks against South Korean military and corporate entities using HTTPSpy, HelloDoor, and VS Code Tunnels. The attacks involved social engineering tactics like spoofed security software pages and fake Webex meeting links.
Mentioned
Related Signal
Adjacent reporting
- APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
- Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
- Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
- Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
- Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
- LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly