A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korea–related actors, shows a clear evolution from earlier, less obfuscated XenoRAT-delivery campaigns observed since 2024. In […]

The post North Korea Uses GitHub as C2 in New LNK Phishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/lnk-phishing-campaign/