South Korea
-
ScarCruft Uses RokRAT in HanKook Phantom Campaign Targeting South Korea
Researchers have uncovered a targeted phishing campaign by North Korea-linked ScarCruft (APT37), dubbed Operation HanKook Phantom, delivering RokRAT to South Korean academics, former officials, and researchers via a manipulated LNK attack chain and PowerShell-based payloads, with exfiltration to multiple cloud services and a willingness to use decoy documents tied to high-profile statements.
-
State-sponsored XenoRAT campaign targets South Korean embassies, researchers say
A Trellix-led analysis describes a multi-phase, state-sponsored XenoRAT espionage campaign targeting South Korean embassies, with links to North Korea’s Kimsuky and indications of possible China-based sponsorship. The operation has conducted at least 19 spearphishing attacks since March, delivering XenoRAT via password-protected ZIP archives and complex, multilingual lures.
-
SK Telecom Confirms Massive Malware Breach Impacting Millions of Subscribers
SK Telecom has confirmed a substantial cybersecurity breach affecting the USIM data of around 27 million subscribers, with malware traces dating back to 2022. The company is taking extensive measures to secure its network, including offering free SIM replacements for affected customers.
-
Dior Reports Data Breach Affecting Customer Information Amid Cybersecurity Incident
Dior has disclosed a significant cybersecurity incident affecting customer information, emphasizing that payment details were not compromised while investigations continue into the breach’s scope.
