Malware
AppleSeed
First seen: 2021-01 • Status: active
Currently Active Threat
AppleSeed is a North Korean backdoor used by the Kimsuky hackers to target South Korean organizations.
Overview
AppleSeed is a backdoor used by the North Korean Kimsuky group. It targets South Korean think tanks and government.
How It Spreads
- Spear-phishing
- HWP document exploits
What It Does
- Backdoor access
- Data theft
- Additional payload delivery
Target Platforms
Windows
Detection Tips
- Monitor for HWP exploits
- Watch for Kimsuky indicators
MITRE ATT&CK Techniques
T1566, T1105
If You're Infected
1. Nation-state incident response