Skip to main content

North Korea-linked Geumseong121 APT group is sending spear-phishing emails to target people interested in North Korean refugees

posted onApril 1, 2020
by l33tdawg
computing.co.uk
Credit: computing.co.uk

The researchers from South Korea-based cyber security firm ESTsecurity claim to have uncovered a new cyber espionage campaign, which they believe is being carried out by North Korea-backed APT group Geumeong121.

The researchers said they discovered the new spear-phishing operation based on the indicators of compromised data and the evidence collected by threat intelligence multi-channel sensors.

The researchers have named the campaign as "Operation Spy Cloud" after finding that it used Google Drive and PickCloud service to target potential victims. According to researchers, Geumeong121 APT group is sending spear-phising emails to potential victims and trying to lure them into clicking malicious links. These links appear to provide valuable information about Korean refugees, but they actually download malware on the device when clicked by a potential target.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th