Several Google Play Store apps, targeting English and Korean speakers, were found to be collecting sensitive user information and technical data for North Korean agents. The apps contained malware and spyware which bypassed Google’s security checks. The spyware was attributed to the North Korean APT group ScarCruft and is relatively new. Users are being advised to download apps from trusted sources and check app permissions and shared data.
Microsoft warns of new remote access trojan targeting crypto wallets
Microsoft has discovered a new remote access trojan (RAT) called StilachiRAT that targets 20 cryptocurrency wallet extensions in the Google Chrome browser. The malware can
