InvisibleFerret
-
North Korean linked actors use malicious VS Code projects to deploy backdoor
Jamf reported North Korean linked actors abused Visual Studio Code task files to execute obfuscated JavaScript that fetches backdoors and enables remote code execution targeting developers who clone and open repositories.
-
Google says North Korean hackers used smart-contract “EtherHiding” to deliver malware
Google Threat Intelligence Group says a North Korean actor known as UNC5342 used an “EtherHiding” smart-contract technique to host and deliver JavaScript malware via fake job interviews, enabling stealthy payload updates and theft of credentials and cryptocurrency.
