APT Earth Kitsune delivers new WhiskerSpy malware via watering hole attack
APT Earth Kitsune delivers new WhiskerSpy malware via watering hole attack
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
Earth Kitsune, an advanced persistent threat (APT) actor known for targeting individuals interested in North Korea, also China, Brazil, and Japan and has been found to be using a new backdoor called “WhiskerSpy” in a recent campaign. The group used a social engineering tactic in a watering hole attack, luring visitors to a pro-North Korean website with a fake error message and offering a trojanized codec installer that loaded the WhiskerSpy backdoor on their systems.