Cybereason: Cyber Group ‘Kimsuky’ Uses New Malware, Spyware Suite to Target Gov’t, Defense Orgs

A research team at Cybereason has found that Kimsuky, a cyber espionage group linked to the government of North Korea, is using a new malware strain called CSPY Downloader and a spyware suite called KGH_SPY to attack defense and government organizations, human rights groups, and research and pharmaceutical companies working on COVID-19 vaccines and treatments.

Cybereason said Monday the company’s Nocturnus team found that the modular suite of KGH_SPY spyware tools provides hackers with backdoor, data theft, keylogging and reconnaissance capabilities, while CSPY Downloader works by downloading additional payloads and evading analysis.

Kimsuky has been using those tools to target private and public sector companies in the U.S., Japan, Europe, Russia and South Korea, according to the research team. The malware's timestamps appear to have been altered as part of efforts to undermine forensic investigation.

“Kimsuky has a rich and notorious history dating back to 2012 of targeting South Korea, but over the past few years they have expanded their global reach,” said Assaf Dahan, senior director and head of threat research at Cybereason. 

“Since the new malware is quite new, the true scope of the threat it poses is unknown, but given Kimsuky’s track record this spyware is likely to be of serious concern to both public and private sector organizations,” Dahan added.
