Alias Description | Votes |
---|---|
Bluenoroff is a possible alias for Kandykorn. BlueNoroff, a threat actor group linked to North Korea, has been identified as the malicious entity behind several high-profile cyber-attacks. Since first making headlines with an attack on Sony Pictures in 2014, BlueNoroff and its parent group Lazarus have been involved in numerous notorious securi | 3 |
TA444 is a possible alias for Kandykorn. TA444, also known as BlueNoroff, APT28, Nickel Gladstone, Sapphire Sleet, Stardust Chollima, and other monikers, is a prolific North Korean state-backed threat actor known for its malicious cyber activities. The group has been continuously generating proprietary malware, distinguishing it from other | 3 |
Spectralblur is a possible alias for Kandykorn. SpectralBlur is a newly detected malware, identified as a macOS backdoor, that has been making headlines since the start of 2024. It was first spotted by cybersecurity experts who have tentatively attributed its creation and deployment to the Bluenoroff group. This malicious software, like others of | 3 |
Rustbucket is a possible alias for Kandykorn. RustBucket is a malicious software (malware) specifically targeting macOS systems, first reported in 2023 and attributed to the North Korea-linked threat actor group, BlueNoroff. This malware was initially uncovered in 2021 as part of the RustBucket campaign and has since evolved into multiple varia | 2 |
Sockracket is a possible alias for Kandykorn. | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Objcshellz Malware is associated with Kandykorn. ObjCShellz is a lightweight malware written in Objective-C, known for its advanced obfuscation features. Discovered by Jamf Threat Labs in November 2023, this malware operates as a relatively simple backdoor, serving as a remote shell that allows an attacker to execute arbitrary commands. It's typic | Unspecified | 3 |
The Swiftloader Malware is associated with Kandykorn. SwiftLoader is a sophisticated malware that functions as a PDF viewer to lure unsuspecting victims. It was initially used in the RustBucket campaign, where it served as a second-stage malware, infecting systems through seemingly innocent downloads such as documents sent to targets. Notably, SwiftLoa | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Lazarus Group Threat Actor is associated with Kandykorn. The Lazarus Group, a notorious threat actor attributed to North Korea, is renowned for its malicious activities aimed at furthering the country's objectives. This group has been implicated in several high-profile cyber-attacks, including an attack in Spain known as Operation DreamJob. The exploitati | Unspecified | 4 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Unit42 | 3 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 7 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 10 months ago |