The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target cryptocurrency holdings.

DR (DZone Research) offers insights into software development trends, industry surveys, and technology adoption patterns, providing reports, whitepapers, and analyst insights to help businesses make informed decisions and stay competitive in the ever-evolving tech landscape. By exploring DR's curated content, developers can gain insights into emerging technologies, developer preferences, and industry best practices for building innovative and market-leading software solutions. Whether you're a startup founder, product manager, or tech executive, DR offers resources to guide your strategic planning and drive business success.

Dark Reading

North Korean APT group Konni is conducting a phishing campaign targeting blockchain developers across Asia-Pacific with an AI-generated PowerShell backdoor. The campaign marks a shift from Konni's typical South Korean government targets to development environments in Japan, Australia, and India. The backdoor features unusually polished code structure with clear documentation, suggesting AI-assisted development. Attackers use lures disguised as legitimate project documentation to compromise development environments and gain access to cryptocurrency holdings, API credentials, and infrastructure.

DPRK's Konni Targets Blockchain Devs With AI-Generated Backdoor