Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks


The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations.
The backdoor, codenamed Gomir, is “structurally almost identical to GoBear, with extensive sharing of code between







2024-05-17 08:46:00


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *