Kimsuky’s New Golang Stealer ‘Troll’ and ‘GoBear’ Backdoor Target South Korea

Kimsuky, a nation-state actor with ties to North Korea, is suspected of deploying Troll Stealer, an information stealer built on Golang that was previously unreported.

In a recent technical analysis, South Korean cybersecurity company S2W stated that the malware pilfers “SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures” from compromised devices.

Troll Stealer’s connections to Kimsuky are based on the malware’s resemblances to well-known families, like AppleSeed and AlphaSeed, which have been linked to the gang.

Kimsuky, also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly known as Thallium), Nickel Kimball, and Velvet Chollima, is a notorious hacker that is frequently used in offensive cyber operations to acquire private read more Kimsuky’s New Golang Stealer ‘Troll’ and ‘GoBear’ Backdoor Target South Korea.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *