[r0ny]

A hacker group likely supported by North Korea has launched an advanced persistent threat (APT) attack by inserting malicious code in a popular South Korean security program. APT attacks are typically characterized by being sophisticated, long-term attacks aimed at monitoring information and stealing data rather than immediately causing damage to a network or organization.

ref:http://blog.alyac.co.kr/m/1963

IOCs:

Code: Select all

08ba6fe2e325cc73dc9431d26ed2249c
85df8b5d94b71cb7490f8f125cdf9293
d0f6e169bf60797466bbb8cc069effcf
3eee8d2ed3601756839e090d851b6250

[maddog4012]

Sample have been attached :)