New Phishing Attack Discovers SuperBear
- A new phishing attack in South Korea has led to the discovery of a new remote access Trojan called SuperBear.
- The attack was targeted at civil society groups, particularly an activist whose name was not disclosed.
- The file associated with the attack was a malicious LNK file, sent from an email address impersonating a member of the non-profit organization, Interlabs.
The Bear of Bad News: SuperBear Trojan Revealed
In an event that can only be described as a “real bear of a situation”, a recent phishing attack in South Korea has uncovered a new remote access trojan named, rather appropriately, SuperBear. This sneaky malware crawled out of the cyber woods, revealing itself as a consequence of a cyber-assault on civil society groups. Who knew that bears and phishing went together like fish and honey!
Target Practice: Activist Phished
While the bear might like to target an entire forest, this attack was notably specific. The unsuspecting salmon – err, I mean, activist, had their personal information breached. The target’s name wasn’t disclosed, but we can safely say they are likely not having a “beary” good time. The culprit? A malicious LNK file, dressed up to look like it was just another friendly bear in the forest.
Identity Theft: Impersonating Interlabs
The bear’s disguise was rather cunning, as it took the form of a member of the non-profit organization, Interlabs. This sneaky move is the modern day equivalent of a wolf in sheep’s clothing, but with far more bytes…I mean, bites. The unsuspecting recipient received the file in late August 2023.
To summarize, the bear is out of the cave with the recent reveal of a fresh remote access trojan, or RAT, conveniently dubbed SuperBear. It’s been prying into the private lives of civil society groups in South Korea, particularly focusing on an unsuspicious activist. The RAT was concealed cleverly in a malicious LNK file, feigning to be from a member of the non-profit organization Interlabs. So, readers, next time you go phishing, remember to up “bear” arms. To all activists, stay vigilant and “bear-ware” of any suspicious files!
Original Article: https://thehackernews.com/2023/09/new-superbear-trojan-emerges-in.html