North Korean hackers popularly use QR Code to release malgae

Hackers from North Korea increasingly prefer to use QR Code to release malware.

QR Code is probably very familiar to Thai readers because it is a form of scanning code that can be used in a variety of different fields, especially payment. This form of code is not only popular in Thailand but also popular around the world, not even for hackers.

According to a report by the website Knowbe4, it mentions the detection of a state-sponsored hacker group from North Korea, Kimsuki, which has a negative reputation for hacking various organizations, but the release of many malware in the past has adopted a new strategy to spread malware through tricking victims into scanning QR Code. A research team from ENKI, the developer of the cybersecurity tool, a group that detects this campaign, revealed the campaign's key information:

The scam starts with hackers impersonating names as delivery services to trick victims into fake websites through computers. The scam uses a method called social engineering. After pressing the link, the website warns that the website cannot be opened on the computer. The victim asks the QR Code to enter the website. If the victim believes and scans, it leads to malware downloading from the hacker's server with an IP number of 27.102.137. [.] 181 came down ultimately installed on the victim's machine in the stain of a fake application, which the research team has said is a very clever method because it can evade detection by on-board security tools.

By the fake application, the research team revealed that there are up to four, two of which are applications for delivery services, and the remaining two are not revealed as to which application they are. The research team also warned that users are very careful not to open links sent by suspicious or unreliable individuals.

# Trending # Lemon 8 Howtoo # lemon 8 diary # freedomhack # IT should know