
Bozori: the first ‘business worm’?

The anatomy of the Bozori worm outbreaks that we’ve seen in the last day or so leads us to believe that we’re witnessing the emergence of a new type of infection, which we’re calling the ‘business worm’.

