"Kimsuky Hackers Deploy New Linux Backdoor in Attacks on South Korea"
The North Korean hacker group "Kimsuky" is now using "Gomir," a new Linux malware and version of the GoBear backdoor. Kimsuky is a state-sponsored threat actor connected to North Korea's military intelligence, the Reconnaissance General Bureau (RGB). Symantec researchers found a Linux variant of the GoBear backdoor while investigating a campaign reported by researchers at the SW2 threat intelligence company in early February 2024 that targeted South Korean government organizations. This article continues to discuss the Kimsuky hackers' use of a new Linux backdoor.
Bleeping Computer reports "Kimsuky Hackers Deploy New Linux Backdoor in Attacks on South Korea"
Submitted by grigby1
Submitted by Gregory Rigby
on