A North Korean hacking group is utilizing the RokRat Trojan in a fresh wave of campaigns against the South Korean government.
The Remote Access Trojan (RAT) has been connected to attacks based on the exploit of a Korean language word processor commonly used in South Korea for several years; specifically, the compromise of Hangul Office documents (.HWP).
In the past, the malware has been used in phishing campaigns that lure victims through emails containing attachments with a political theme — such as Korean unification and North Korean human rights.
Read more…
Source: ZDNet