ROKRAT Reloaded

By Talos Group This post was authored by Warren Mercer, Paul Rascagneres and with contributions from Jungsoo (Jason) An. Earlier this year, Talos published 2 articles concerning South Korean threats. The first one was about the use of a malicious HWP document which dropped downloaders used to retrieve malicious payloads on several compromised websites. One of the website was a compromised government website. […]

Source:: Cisco Security Notice