While attacks initially involved the distribution of a malicious HTML app that facilitated retrieval of a script enabling NetSupport RAT malware deployment, threat actors shifted to impersonate Next.js and other JavaScript libraries to deliver NetSupport RAT and BurnsRAT, according to an analysis from Kaspersky.
Malicious emails sent by Kimsuky using Mail.ru's "mail.ru", "bk.ru", "internet.ru", "list.ru", and "inbox.ru" domains impersonated financial organizations and web portals, which had been exploited in the group's attacks involving U.S., South Korean, and Japanese email address domains earlier this year, a report from South Korean cybersecurity firm Genians revealed.
Such an operation has prompted increased awareness of the growing prevalence of stablecoin theft, noted Interpol, which has committed to continuing the South Korea-backed cybercrime crackdown operation.
Organizations are increasingly looking towards AI platforms as a solution to the advancing tide of fraudulent emails and phishing attempts.
The hope is that AI and automation platforms will allow network defenders to free themselves up to better handle more pressing threats and easily isolate suspicious messages. At the same time, organization...
