Phishing, Malware

Ongoing DEV#POPPER malware campaign expands targeting

Share
System hacked warning alert on laptop computer. Cyber attack on computer network, virus, spyware, malware or malicious software. Cyber security and cybercrime concept. System security technology (3)

Windows, macOS, and Linux systems have been targeted by North Korea-linked threat actors with novel malware and attack techniques as part of an expanded active DEV#POPPER malware campaign discovered earlier this month, The Hacker News reports.

New DEV#POPPER attacks involved the utilization of interview lures to developers aimed at distributing a ZIP archive file, which when executed triggers the BeaverTail malware, which not only identifies targeted devices' operating systems but also facilitates the delivery of the data exfiltrating InvisibleFerret backdoor and other next-stage payloads, an analysis from Securonix revealed. Additional obfuscation and persistence techniques have also been leveraged in the recent intrusions, which also resulted in the theft of sensitive browser-stored data, researchers reported. "This sophisticated extension to the original DEV#POPPER campaign continues to leverage Python scripts to execute a multi-stage attack focused on exfiltrating sensitive information from victims, though now with much more robust capabilities," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.