Analysis Report on the Latest Attack Cases by Kimsuky Group Exploiting PebbleDash and RDP Wrapper
Analysis Overview AhnLab SEcurity intelligence Center (ASEC) recently identified that the Kimsuky group is using the backdoor PebbleDash and RDP Wrapper in multiple attacks. The threat actor uses LNK during initial access to install PowerShell malware on the infected system. Once this process is complete, they install custom-made remote control
APT Attack Cases of Kimsuky Group (PebbleDash)
The ASEC analysis team has been keeping an eye on the trend of malware that attempts APT attacks, sharing findings on the blog. In this confirmed case, PebbleDash backdoor was used in the attack, but logs of AppleSeed, Meterpreter, and other additional malware strains were also found. PebbleDash Backdoor The
Analysis Report on Kimsuky Group’s APT Attacks (AppleSeed, PebbleDash)
This document is an analysis report on types of malware recently utilized by the Kimsuky group. The Kimsuky group is mainly known for launching social engineering attacks such as spear phishing. Judging by the names of the attached files, the group seems to be targeting those working in the fields
