North Korea-nexus Golang Backdoor/Stealer from Contagious Interview campaign

On December 28, 2024, @tayvano_ shared a great thread on X describing activity consistent with what is typically known as the “Contagious Interview” campaign conducted by North Korea-nexus threat a...

Jan 5, 2025

Trojanized Chrome Extensions

I rarely deal with malicious browser extensions, however, they are likely to become increasingly relevant in the future. It is commonly said that “the browser is the new OS”, so it only makes sense...

Dec 29, 2024

PUBLOAD Likely Delivered to Thailand via GrimResource MSC

On December 20, 2024, a Microsoft Management Console (MSC) file named “Invitation Letter.msc” was uploaded from Thailand to VirusTotal. File name: Invitation Letter.msc Hash: 5b18f8b379cb3294...

Dec 27, 2024

KoiLoader/KoiStealer

On November 29,2024, MalwareHunterTeam posted the following sample in X: https://x.com/malwrhunterteam/status/1862624900592119903 File name: mysetup.exe Hash: e29d2bd946212328bcdf783eb434e1b...

Dec 7, 2024

North Korea-nexus Golang Backdoor/Stealer from Contagious Interview campaign

Trojanized Chrome Extensions

PUBLOAD Likely Delivered to Thailand via GrimResource MSC

KoiLoader/KoiStealer

Trending Tags