The Velvet Chollima APT group has launched an advanced cyberattack targeting global government institutions, NGOs, and media through sophisticated spear-phishing campaigns. The attack employs social engineering techniques like “ClickFix” to trick users into executing PowerShell commands, establishing long-term remote access.
Key points
- The group targets entities across multiple continents, including North America and Europe.
- The attack starts with spear-phishing emails posing as South Korean government correspondence.
- Malicious PDFs contain hidden hyperlinks leading to fake CAPTCHA pages that initiate malicious scripts.
- The campaign uses registry modifications to ensure persistence even after system restarts.
- Organizations are advised to strengthen email filtering and employee training to defend against these tactics.
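
One way to triage endpoint logs for the chain summarized above, as an added example that is not from the original report: it flags PowerShell started from explorer.exe with hidden-window or encoded arguments, and autostart values written by PowerShell. The Run/RunOnce key locations, the explorer.exe parent, the event field names and all sample events are assumptions constructed for illustration; the summary does not name the registry keys used.

```python
import re

# Heuristics are assumptions for illustration, not indicators from the report.
SCRIPT_HOST = re.compile(r"(?:^|\\)(?:powershell|pwsh)\.exe$", re.I)
SUSPICIOUS_ARGS = re.compile(
    r"-w(?:indowstyle)?\s+hidden|\s-(?:e|enc|encodedcommand)\s|\b(?:iex|invoke-expression)\b",
    re.I)
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\", re.I)

# Constructed sample events (simplified Sysmon-style fields; id 1 = process
# creation, id 13 = registry value set). None of these values come from the campaign.
SAMPLE_EVENTS = [
    {"id": 1, "host": "ws-01", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell -w hidden -enc <BASE64-PLACEHOLDER>"},
    {"id": 13, "host": "ws-01",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "target": r"HKU\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "details": r"powershell -w hidden -file C:\Users\Public\u.ps1"},
    # Benign: user opens an interactive PowerShell window from the Start menu.
    {"id": 1, "host": "ws-02", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe"},
    # Benign: an installed application registers its own autostart entry.
    {"id": 13, "host": "ws-02", "image": r"C:\Program Files\Vendor\app.exe",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorApp",
     "details": r"C:\Program Files\Vendor\app.exe"},
]

def triage(events):
    """Return (host, finding) pairs for events matching either heuristic."""
    findings = []
    for ev in events:
        if (ev["id"] == 1 and SCRIPT_HOST.search(ev["image"])
                and ev["parent"].lower().endswith(r"\explorer.exe")
                and SUSPICIOUS_ARGS.search(ev["cmdline"])):
            findings.append((ev["host"], "pasted-powershell"))
        elif (ev["id"] == 13 and RUN_KEY.search(ev["target"])
                and (SCRIPT_HOST.search(ev["image"])
                     or re.search(r"\b(?:powershell|pwsh)\b", ev["details"], re.I))):
            findings.append((ev["host"], "run-key-persistence"))
    return findings

def full_chain_hosts(findings):
    """Hosts that show both the execution and the persistence stage."""
    stages = {}
    for host, finding in findings:
        stages.setdefault(host, set()).add(finding)
    return sorted(h for h, s in stages.items() if len(s) == 2)
```

Hosts returned by `full_chain_hosts` show both stages and are the ones to investigate first; a single finding on its own is a weaker signal.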
Read More: https://gbhackers.com/velvet-chollima-apthackers-target-government-officials/