The Evolution of DEEP#GOSU Attack Campaign by Kimsuky Group
Summary:
DEEP#GOSU is a sophisticated multi-stage attack campaign linked to the North Korean Kimsuky group. Using PowerShell and VBScript, the attackers deploy remote access trojan (RAT) software to gain full control over infected hosts, and they use legitimate services such as Dropbox for command-and-control (C2) communication to evade detection.
Threat Level – Amber | Attack Report