"Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks"

As part of a social engineering campaign, the cyber espionage threat actor tracked as Earth Kitsune has been seen implementing a new backdoor named WhiskerSpy. Since at least 2019, Earth Kitsune has been known to predominantly target individuals interested in North Korea using self-developed spyware such as dneSpy and agfSpy. Previous breaches used watering holes that exploited browser vulnerabilities in Google Chrome and Internet Explorer to initiate the infection chain. According to a new analysis from Trend Micro, the distinguishing feature of the most recent attacks is a shift toward social engineering to deceive people into visiting infected websites associated with North Korea. According to the cybersecurity firm, the website of a pro-North Korea organization was hacked and changed to spread the WhiskerSpy implant. This article continues to discuss the cyber espionage threat actor Earth Kitsune deploying the new WhiskerSpy backdoor. 

THN reports "Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks"