Hackers from North Korea steal data from Windows devices and any phone connected to them

Researchers from the information security company ESET have found a backdoor linked to North Korea that has a wide range of spying capabilities not only on the targeted PC but also on other mobile devices connected to it.

According to the company, the backdoor is capable of monitoring drives and smartphones connected to a computer, extracting important files from them, recording keystrokes, taking screenshots, and stealing credentials from browsers.

The researchers explained that the backdoor, which they named Dolphin, has specific functions. It abuses cloud storage services, Google Drive in particular, for command-and-control communication.

According to the researchers, behind the Dolphin backdoor is the ScarCruft spy group, also known as APT37 or Reaper, which has been in operation since at least 2012.

The researchers said the group focused its work primarily on South Korea but had also targeted other Asian countries in the past. It is interested in government and military institutions, and companies in various industries linked to North Korean interests.

ESET explained that the Dolphin backdoor, after being deployed on specific targets, searches the drives of the compromised systems for files of interest and exfiltrates them to Google Drive.

“Among the unusual capabilities found in previous versions of the backdoor is the ability to modify victims’ Google and Gmail account settings to lower their security level,” the company said. “The reason is likely to maintain access to the threat actors’ Gmail account.”

In 2021, the ScarCruft Group launched an attack on a South Korean online newspaper focused on North Korea. The attack consisted of multiple components, such as an exploit for Microsoft’s Internet Explorer web browser.

Since the initial discovery of the Dolphin backdoor in April 2021, ESET researchers have noticed multiple versions of it, as attackers have worked to improve its capabilities in an attempt to avoid detection.

The researchers said that the backdoor actively searches drives and automatically filters files with extensions of interest. It also collects basic information about the target device, including the operating system version, the list of installed security products, the user name, and the computer name.

By default, Dolphin searches all hard drives, such as HDDs and SSDs, and non-volatile drives, such as external USB storage drives, creates directory listings, and pulls files by extension. The backdoor also searches for portable devices connected to the computer, such as smartphones, through the Windows Portable Device API.

The backdoor also steals credentials from browsers and is capable of recording keystrokes and taking screenshots. Finally, the backdoor packs this data into encrypted ZIP archives before uploading it to Google Drive.
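A defender's view of the Google Drive traffic described above, as an added example that is not from ESET or the original article: it flags programs outside an allowlist that talk to Google Drive and totals what they upload. The log format, host names, process paths and allowlist are constructed assumptions, and the URL paths assume a TLS-inspecting proxy or EDR export that records the requesting process.

```python
import csv
import io
from collections import defaultdict

# Assumed allowlist: programs expected to reach Google Drive in this environment.
EXPECTED_CLIENTS = {"chrome.exe", "msedge.exe", "firefox.exe", "googledrivefs.exe"}

# Constructed sample in a hypothetical export format:
# time,computer,process_path,dest_host,method,url_path,bytes_out
SAMPLE_LOG = """\
2021-04-12T09:01:10Z,WS-017,C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe,drive.google.com,GET,/drive/my-drive,812
2021-04-12T09:03:41Z,WS-017,C:\\Users\\kim\\AppData\\Roaming\\svc\\updater.exe,www.googleapis.com,GET,/drive/v3/files,420
2021-04-12T09:03:55Z,WS-017,C:\\Users\\kim\\AppData\\Roaming\\svc\\updater.exe,www.googleapis.com,POST,/upload/drive/v3/files,5242880
2021-04-12T09:04:20Z,WS-017,C:\\Users\\kim\\AppData\\Roaming\\svc\\updater.exe,www.googleapis.com,POST,/upload/drive/v3/files,3145728
2021-04-12T09:10:02Z,WS-022,C:\\Program Files\\Google\\Drive File Stream\\GoogleDriveFS.exe,www.googleapis.com,POST,/upload/drive/v3/files,1048576
2021-04-12T09:12:30Z,WS-022,C:\\Tools\\report.exe,www.googleapis.com,GET,/youtube/v3/videos,300
"""

def is_drive_request(dest_host, url_path):
    """True for the Drive web UI or Drive API paths on the shared Google API host."""
    host = dest_host.lower()
    if host == "drive.google.com":
        return True
    return host == "www.googleapis.com" and url_path.startswith(("/drive/", "/upload/drive/"))

def find_unexpected_drive_clients(log_text, expected=EXPECTED_CLIENTS):
    """Return (computer, process_path, requests, bytes_out), largest upload first."""
    stats = defaultdict(lambda: [0, 0])
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 7:
            continue  # skip malformed lines instead of aborting the hunt
        _, computer, process_path, dest_host, _, url_path, bytes_out = row
        if not is_drive_request(dest_host, url_path):
            continue
        image = process_path.replace("\\", "/").rsplit("/", 1)[-1].lower()
        if image in expected:
            continue
        entry = stats[(computer, process_path)]
        entry[0] += 1
        entry[1] += int(bytes_out)
    hits = [(c, p, n, b) for (c, p), (n, b) in stats.items()]
    return sorted(hits, key=lambda h: h[3], reverse=True)

if __name__ == "__main__":
    for computer, path, requests, sent in find_unexpected_drive_clients(SAMPLE_LOG):
        print(f"{computer}: {path} made {requests} Drive requests, {sent} bytes out")
```

Matching on the image name alone is only a first filter; confirm each allowlisted program by its install path and code signature before treating its Drive traffic as expected.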
