Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

2 months ago [email protected] (The Hacker News)
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks


The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations.
The backdoor, codenamed Gomir, is “structurally almost identical to GoBear, with extensive sharing of code between

The post “Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , , ,

More Stories

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

5 hours ago [email protected] (The Hacker News)

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

6 hours ago [email protected] (The Hacker News)

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

22 hours ago [email protected] (The Hacker News)

Offensive AI: The Sine Qua Non of Cybersecurity

1 day ago [email protected] (The Hacker News)

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

1 day ago [email protected] (The Hacker News)

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

1 day ago [email protected] (The Hacker News)