UNC4034

Pierluigi Paganini September 16, 2022
North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp

North Korea-linked threat actor UNC4034 is spreading tainted versions of the PuTTY SSH and Telnet client. In July 2022, Mandiant identified a novel spear phish methodology that was employed by North Korea-linked threat actor UNC4034. The attackers are spreading tainted versions of the PuTTY SSH and Telnet client. The attack chain starts with a fake […]