In recent months, North Korean based threat actors have been ramping up attack campaigns in order to achieve a myriad of their objectives, whether it be financial gain or with espionage purposes in mind. The North Korean cluster of attack groups is peculiar seeing there is quite some overlap with one another, and it is not always straightforward to attribute a specific campaign to a specific threat actor.
In this research paper we analyse a new threat campaign, discovered in late May, and which features multiple layers and ultimately delivers a seemingly new and previously undocumented backdoors.
We have named this threat campaign “Niki” as it refers to the potential malware developer(s).
Get Our Paper
New North Korean-Based Backdoor Packs a Punch
Want to detect threats 8+ months earlier?
See how DarkArmor's PreBreach intelligence can protect your organization.
