RGB-D5(included Kimsuky) has distributed Android APK malware - Issuemakers Lab | lazarus.day

RGB-D5(included Kimsuky) has distributed Android APK malware

2020-04-28 • Issuemakers Lab •

https://twitter.com/issuemakerslab/status/1255077612612812800?s=20

#Mobile #RGB-D5

Attachments

ahmyth.jpeg (160 KB)

Thumbnail for RGB-D5(included Kimsuky) has distributed Android APK malware

IssueMakersLab reported that North Korea's RGB-D5, including Kimsuky, distributed Android APK malware to many South Korean users. The post says the malware was created with the open source AhMyth Android RAT, indicating reuse of commodity mobile RAT code rather than a wholly custom implant. The supported CTI value is the DPRK-linked mobile targeting claim, the Kimsuky/RGB-D5 association, and the AhMyth-based APK delivery detail.

Related Actors

RGB-D5

Issuemakers Lab

Kimsuky

First seen: Apr 2020

Last seen: Dec 2020

Related Reports

2020-05-20 • 70% Match

North Korea's attacks on the defense contractor

Issuemakers Lab

#Defense #RGB-D5 #RGB-D3

Shares tag: RGB-D5 • Same author: Issuemakers Lab • Published within a month

2020-04-08 • 70% Match

Operation Daily Coffee

Issuemakers Lab

#Phishing #RGB-D5 #DailyCoffee

Shares tag: RGB-D5 • Same author: Issuemakers Lab • Published within a month

2020-12-24 • 50% Match

Operation Penta Storm

Issuemakers Lab

#PentaStorm #RGB-D5

Shares tag: RGB-D5 • Same author: Issuemakers Lab

2020-11-14 • 50% Match

RGB-D5 Attacks on COVID-19 Vaccine Pharmaceuticals

Issuemakers Lab

#COVID-19 #Healthcare #RGB-D5

Shares tag: RGB-D5 • Same author: Issuemakers Lab

2020-04-09 • 40% Match

MalBus Actor Changed Market from Google Play to ONE Store

Mcafee

#Mobile #MalBus

Shares tag: Mobile • Published within a month

2025-12-16 • 20% Match

Kimsuky Distributing Malicious Mobile App via QR Code

ENKI

#Kimsuky #Mobile #DocSwap

Shares tag: Mobile