Tag: kandykorn

2 Attack Reports | 0 Vulnerabilities

Attack reports

Threat Assessment: North Korean Threat Groups

This assessment evaluates several North Korean threat groups operating under the Reconnaissance General Bureau. It describes their organizational structure, objectives, and the diverse malware families employed in their recent campaigns targeting various industries worldwide. The analysis covers 10…
malware
espionage
cybercrime
northkorea
rats
comebacker
rustbucket
kandykorn
2024-09-10
collectionrat
fullhouse
poolrat
odicloader
objcshellz
pondrat
smoothoperator
Published: September 10, 2024
Downloadable IOCs: 58

TodoSwift Disguises Malware Download Behind Bitcoin PDF

This report details a macOS threat actor likely originating from North Korea that employs a dropper application written in Swift/SwiftUI. The dropper presents the user with a seemingly legitimate Bitcoin pricing PDF while simultaneously downloading and executing a malicious payload. The malware's t…
cryptocurrency
macos
dropper
2024-08-19
rustbucket
kandykorn
todoswift
Published: August 19, 2024
Downloadable IOCs: 7
Click here to see more Attack Reports