"North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms"
"Kimsuky," a North Korean threat actor, has used "Durian," a previously undocumented Golang-based malware, in attacks against two South Korean cryptocurrency firms. Durian has comprehensive backdoor functionality for command execution, file downloads, and file exfiltration. The August and November 2023 attacks used legitimate South Korean software as an infection pathway, but the exact mechanism used to manipulate the program is unknown. This article continues to discuss findings regarding Kimsuky's use of Durian malware against cryptocurrency firms.
THN reports "North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms"
Submitted by grigby1
Submitted by Gregory Rigby
on