It has recently been revealed that APT37, a North Korean cyberespionage group, has used high-end malware to steal information from a private computer owned by a former South Korean intelligence official. The government-supported espionage group used the so-called Goldbackdoor malware intending to steal sensitive information from carefully selected targets.
It is believed that the said operation began in March and is still ongoing. The attacker, known under several aliases including Reaper, InkySquid, ScarCruft, and Ricochet Collima, also tried to carry out a phishing attack by impersonating NK News to distribute a malware that would target journalists who used the said source.
Upon a deeper investigation, it has been found that the Goldbackdoor malware they used is the successor of the well-known Bluelight malware that APT37 previously used in a series of attacks against South Korean newspapers.
It is no secret that journalists are a common target of cyber-espionage attacks. Given the nature of their job, they often go against the government’s ideals in sharing stories and experiences with the major public. When not happy with the outcome of their work, governments can easily hire attackers such as APT37 to eliminate the threats quietly.
How to Secure Private Devices and Prevent Cyberattacks
The main question is, how do we protect private devices from being affected by widespread malware similar to Goldbackdoor? If you want to learn more about this specific malware, you can find a detailed overview here.
As far as securing private devices goes, your best bet is combining high-quality antivirus software and a virtual private network. Naturally, a lot goes into maintaining proper security online, from raising awareness about upcoming threats to avoiding suspicious links and being aware of phishing scams.
If your device already has pre-installed antivirus software, make sure to check whether it is active or not. In some cases, pre-installed software requires you to pay a subscription fee which, if you’re not aware, can result in the program not running actively. In other words, just because you have one installed, it doesn’t mean your device is antivirus protected.
Moreover, a great way to add another layer of security is to install a VPN or a virtual private network. A VPN is a service that allows you to connect your device to a distant server and thus encrypt all incoming and outgoing traffic. Although this might sound complex, VPNs are very easy to use.
These days, most high-end VPN services are made to be very user-friendly, meaning you don’t need to be tech-savvy to understand how to set it up and make it work. Simply find the right VPN service, purchase a subscription plan that suits your needs, activate the service, and you’re good to go.
Beware of Phishing Scams
Although you might not be a government-targeted internet user, it doesn’t mean you’re not at risk of falling for common phishing attacks happening all over the web these days.
We highly recommend taking some time to understand what phishing scams are and how they work to protect your data and devices in time. Cyberthreats are always evolving, so it’s important to learn how to stay on top of the game at all times.