Tag Malware

The Escalating Danger of Pegasus Spyware: Recent Discoveries and Increasing Alarm

In recent years, the Pegasus spyware, developed by the Israeli cyber intelligence firm NSO Group, has gained notoriety for its involvement in high-profile surveillance cases. The spyware has been implicated in numerous security breaches, most notably the unauthorized monitoring of Amazon founder Jeff Bezos through collaboration with a Saudi prince…


SmokeLoader Malware Leverages MS Office Vulnerabilities to Steal Browser Credentials

Cybersecurity Alert: SmokeLoader Malware Targets Taiwanese Industries

Recent investigations by Fortinet’s FortiGuard Labs have revealed a sophisticated malware campaign primarily employing SmokeLoader to target various sectors in Taiwan, including manufacturing, healthcare, and information technology. This campaign signifies a direct and alarming threat to entities within these industries, highlighting the need…


Illegal Movie Piracy Streaming Service Shut Down; Malware Distribution Investigation Underway

A significant illegal streaming piracy operation has been dismantled through a coordinated effort led by Italy’s Postal and Cybersecurity Police Service. This operation involved collaboration with Europol, Eurojust, and a specialized cyber team linked to the UK’s National Cyber Security Centre (NCSC). Ongoing investigations have revealed that the dismantled service…


Snail Mail Cyber Attacks Target Android Users and Raise Security Concerns for 23andMe Data

Cybercriminals Exploit Traditional Mail to Target Android Users

The rise of cybercrime has introduced a bizarre twist to conventional means of communication, as nefarious actors are now leveraging traditional postal services, commonly referred to as “Snail Mail,” to distribute malware aimed at Android smartphones. The Swiss National Cyber Security Center…


Cybersecurity Update: T-Mobile Confirms Data Breach, AnnieMac Exposed, NewGlove Malware Risk – CISO Series

T-Mobile Confirms Data Breach as Cybersecurity Threats Loom

In a recent development that underscores ongoing vulnerabilities in the cybersecurity landscape, T-Mobile has confirmed a data breach affecting its systems. The incident highlights the increasing challenges businesses face in safeguarding sensitive information against increasingly sophisticated cybercriminal tactics. The breach reportedly involves…


The Hidden Dangers of Google Searches: How Basic Keywords Can Expose You to Cyber Threats

Cyber Threats in Google Searches: Understanding Risks and Safeguards

Google has revolutionized the way we gather information, seamlessly integrating into our everyday lives. From quickly finding directions to researching complex topics, Google’s search engine has become indispensable. However, the ease of access to information comes with a hidden risk: the…


BlueBravo Targets European Diplomats with GraphicalProton Backdoor

July 28, 2023
Cyber Espionage / Malware

The Russian state-sponsored group known as BlueBravo has been detected attacking diplomatic entities in Eastern Europe with the intent of deploying a new backdoor malware dubbed GraphicalProton. This move highlights the ongoing evolution of cyber threats, according to a recent report from Recorded Future. The phishing campaign, active from March to May 2023, employs legitimate internet services (LIS) to obscure command-and-control (C2) activities. BlueBravo, also referred to as APT29, Cloaked Ursa, and Midnight Blizzard (formerly Nobelium), is linked to Russia’s Foreign Intelligence Service (SVR) and has historically utilized platforms like Dropbox, Firebase, Google Drive, Notion, and Trello to bypass detection and maintain covert communication with compromised systems. GraphicalProton marks the latest in a series of malware targeting diplomatic organizations, following GraphicalNeutrino (SNOWYAMBER), HALFRIG, and QUARTERRIG.

BlueBravo Deploys GraphicalProton Backdoor Targeting European Diplomatic Entities

On July 28, 2023, reports emerged detailing a sophisticated cyber espionage campaign orchestrated by the Russian state-sponsored group known as BlueBravo. This threat actor has turned its focus towards diplomatic institutions located in Eastern Europe, utilizing a newly developed backdoor named GraphicalProton.…


STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents

July 28, 2023
Cyber Attack / Malware

A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.

STARK#MULE Targets Koreans with U.S. Military-Themed Document Lures

In a notable development in cyber threats, a new campaign has emerged targeting Korean-speaking individuals through the use of U.S. military-themed documents designed to deliver malware. Cybersecurity experts from Securonix have named the campaign STARK#MULE and are actively monitoring its activities. While…
