UNC4034, a North Korean threat actor, uses a fake job posting to trick victims into downloading a trojanized version of PuTTY. When the malicious PuTTY binary is executed on the host, a backdoor named AIRDRY is deployed, which establishes connections to the attacker’s C2 server.