Red Eyes Exploits Hangul EPS Vulnerability and Steganography to Spread Malware


Threat Level
Attack Report

Summary

The Red Eyes group used an old vulnerability in the Hangul word processor to spread malicious code via steganography, stealing personal PC information and mobile phone data and executing C&C commands using a shared memory section.