Kimsuky Exploits Legitimate Certificate to Disseminate TrollAgent

Threat Level – Amber | Vulnerability Report
Download PDF

The Kimsuky group, backed by North Korea, used TrollAgent malware via a fake security program to target a Korean construction association’s website, stealing data and enabling remote control between December 2023 and January 2024.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox