
Researchers at Palo Alto Networks Unit 42 have discovered two new malware strains, KLogEXE and FPSpy, linked to the North Korean hacking group Kimsuky. These malware strains are designed to collect sensitive information from targeted individuals and organizations, primarily in Japan and South Korea. The researchers believe the malware is being delivered via spear-phishing emails that encourage recipients to download malicious files. KLogEXE is a keylogger, designed to record keystrokes and gather information about running applications, while FPSpy is a backdoor that can gather system information, download additional malware, and execute commands on the infected device. The researchers also noted similarities in the source code of both malware strains, suggesting they were developed by the same author.
https://thehackernews.com/2024/09/n-korean-hackers-deploy-new-klogexe-and.html
https://unit42.paloaltonetworks.com/kimsuky-new-keylogger-backdoor-variant/