‘한독 합동 사이버 보안 권고’ 관련 안랩 대응 현황

3월 20일 오늘 대한민국 국가정보원(NIS)과 독일 헌법보호청(BfV)은 킴수키(김수키) 해킹조직과 관련한 합동 보안 권고문을 발표하였다. 합동 보안 권고문에 따르면, 킴수키 해킹조직은 크로미움 브라우저 확장프로그램과 안드로이드 앱 개발자 지원 기능을 악용하여 계정정보 절취(탈취) 공격을 하였다. 한반도•대북 전문가를 주요 공격타깃으로 하고 있으나, 전 세계 불특정 다수로 공격이 확대될 수 있다고도 하였다.

  • 제목: 킴수키 해킹조직의 구글 브라우저 및 앱 스토어 서비스 악용 공격 주의
  • 보안 권고문: 대한민국 국가사이버안보센터 (NCSC) 바로가기

안랩은 합동 보안 권고문에 공개된 침해지표(IoC) 파일을 다음과 같이 진단한다.

침해지표 MD5 진단명 엔진버전
012d5ffe697e33d81b9e7447f4aa338b 설정 파일로서 진단대상 아님
51527624e7921a8157f820eb0ca78e29 Backdoor/JS.Agent.SC182439 2022.11.02.03
582a033da897c967faade386ac30f604 Backdoor/JS.Agent.SC182438 2022.11.02.03
04bb7e1a0b4f830ed7d1377a394bc717 Android-Trojan/Kimsuky 2022.10.27.00
89f97e1d68e274b03bc40f6e06e2ba9a Android-Trojan/FastSpy 2022.10.28.05
3458daa0dffdc3fbb5c931f25d7a1ec0 Android-Trojan/Kimsuky 2022.12.15.01

연관 IOC 및 관련 상세 분석 정보는 안랩의 차세대 위협 인텔리전스 플랫폼 ‘AhnLab TIP’ 구독 서비스를 통해 확인 가능하다.

5 1 vote
별점 주기
Subscribe
Notify of
guest

45 댓글
Inline Feedbacks
View all comments
trackback

[…] perusahaan keamanan siber Korea AhnLab, lapor bahwa pelaku ancaman memperbarui FastViewer pada Desember 2022, sehingga mereka terus menggunakan […]

trackback

[…] Korean cybersecurity agency AhnLab, reports that the risk actors up to date FastViewer in December 2022, so that they continued utilizing the […]

trackback

[…] Korean cybersecurity firm AhnLab, reports that the threat actors updated FastViewer in December 2022, so they continued using the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] asesoramiento conjunto llega del aparato de inteligencia nacional de Alemania, la Oficina Federal para la Protección de la […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] ortak danışma gelir Almanya’nın iç istihbarat teşkilatı, Federal Anayasayı Koruma Dairesi (BfV) ve Güney […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s home intelligence equipment, the Federal Workplace for the Safety of the […]

trackback

[…] joint advisory comes from Germany’s home intelligence equipment, the Federal Workplace for the Safety of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s home intelligence equipment, the Federal Workplace for the Safety of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s home intelligence equipment, the Federal Workplace for the Safety of the […]

trackback

[…] conseil conjoint vient de l’appareil de renseignement intérieur allemand, de l’Office fédéral pour la […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] advisory cautions against the stealthy actions of a hacking group known as Kimsuki “Kim Su-ki” (aka Thallium, […]

trackback

[…] advisory cautions against the stealthy actions of a hacking group known as Kimsuki “Kim Su-ki” (aka Thallium, […]

trackback

[…] advisory cautions against the stealthy actions of a hacking group known as Kimsuki “Kim Su-ki” (aka Thallium, […]

trackback

[…] Korean cybersecurity firm AhnLab, reports that the threat actors updated FastViewer in December 2022, so they continued using the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] Korean cybersecurity firm AhnLab, reports that the threat actors updated FastViewer in December 2022, so they continued using the […]

trackback

[…] la société coréenne de cybersécurité AhnLab rapporte que les auteurs de la menace ont mis à jour FastViewer en décembre 2022, et qu’ils ont donc […]

trackback

[…] advisory cautions against the stealthy actions of a hacking group known as Kimsuki “Kim Su-ki” (aka Thallium, […]

trackback

[…] advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] Korean cybersecurity firm AhnLab, reports that the threat actors updated FastViewer in December 2022, so they continued using the malware […]

trackback

[…] as Kimsuky using rogue browser extensions to steal users’ Gmail inboxes.The joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] álcázva látták. A koreai kiberbiztonsági cég, az AhnLab azonban  arról számol be, hogy a fenyegetések szereplői 2022 decemberében frissítették a FastViewert, így folytatták […]

trackback

[…] joint advisory comes from Germany’s home intelligence equipment, the Federal Workplace for the Safety of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the […]

trackback

[…] noticias del hacker Recientemente publicó una historia que habla de un articulación comunicación entre el aparato de inteligencia alemán, la Oficina Federal para la Protección de […]