The North Korean threat actor Kimsuky has launched a new campaign distributing a variant of Android malware named DocSwap through QR codes on phishing sites that impersonate Seoul-based CJ Logistics. This operation involves using QR codes and notification pop-ups to entice victims into downloading and executing the malware on their mobile devices. The tactic highlights Kimsuky’s evolving methods of cyber infiltration. As cyber threats increase, vigilance against such deceptive practices is crucial.
Loading PerspectiveSplit analysis...
