New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

Hackers associated with North Korea are using trojanized versions of the PuTTY SSH open-source terminal emulator to install backdoors on victims’ devices. Discovered by Mandiant, the threat actor responsible for this campaign would be ‘UNC4034’ (also known as Temp.Hermit or Labyrinth Chollima). “Mandiant identified several overlaps between UNC4034 and threat clusters we suspect have a North

Golang-based Malware Campaign Relies on James Webb Telescope’s Image

A new hacking campaign is exploiting the notorious deep field image taken from the James Webb telescope alongside obfuscated Go programming language payloads to infect systems. The malware was spotted by the Securonix Threat research team, who is tracking the campaign as GO#WEBBFUSCATOR. “Initial infection begins with a phishing email containing a Microsoft Office attachment,”