Cybersecurity researchers from Lookout Threat Lab have identified a sophisticated Android surveillance tool, dubbed “KoSpy”, believed to be the work of North Korean hackers. Active since March 2022, KoSpy is associated with the North Korean threat group APT37 (ScarCruft), disguised as legitimate utility applications. Once installed, it can gather a vast range of sensitive user data, focusing on Korean and English-speaking targets. KoSpy symbolizes an advanced evolution in North Korean cyber espionage capabilities.
Chinese Hackers Target European Diplomats with Malware
MirrorFace, a threat actor tied to Chinese cyberespionage, has expanded its activity outside East Asia, targeting a European organization with updated hacking tools. Researchers from
