North Korean hackers are targeting South Korean think tanks using malware hidden in blog posts. A state-sponsored advanced persistent threat (APT) group has been planting surveillance and theft-based malware on victim machines since June 2021.
- The targets are South Korean think tanks researching political, diplomatic, and military topics pertaining to North Korea, China, Russia, and the U.S.
- Geopolitical and aerospace organizations appear to be the hackers' priority.
- Google has removed the blog content.