Objective: to block the partial mobilization against Ukraine, hitting logistics and communications. The group is part of IT Army of Ukraine.
ASEC: North Korea’s hackers exploit military security magazines. An ATP uses the April issue of a monthly magazine in Word to distribute targeted malware
North Korea’s hackers are using military security magazines to spread malware. As ASEC cybersecurity experts discovered, an APT exploited the April issue of a monthly military security magazine, usually published in pdf, to distribute malicious word documents. This type is a structure in which additional files are downloaded by accessing the “external external connection address” written in the DOC file inside the document. Furthermore, the bait are articles linked to Pyongyang inside the magazine. So, the targets are people involved in the issue. Recently, the Regime state-sponsored hackers increased malspam campaigns and social engineering efforts to identify high-profile targets and hit them with tailored campaigns for cyber espionage purpose.