North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms

A previously unreported Golang-based malware known as Durian has been seen being used by the North Korean threat actor known as Kimsuky in highly focused cyberattacks against two South Korean bitcoin companies.

According to Kaspersky’s APT trends report for Q1 2024, “Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and file exfiltration.”

The genuine software that was only available in South Korea was utilized as an infection channel in the August and November 2023 attacks. The specific method by which the product was manipulated is still unknown.

It is known that the software connects to the attacker’s site and retrieves a malicious payload, which initiates the infection process read more North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *