skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

TIDRONE Threat Actor Targets South Korean Companies

/ 1 min read

🕵️‍♂️ TIDRONE threat actor targets Korean companies with ERP exploitation. AhnLab Security Intelligence Center (ASEC) has reported that the TIDRONE threat group is attacking companies in South Korea by exploiting Enterprise Resource Planning (ERP) software to install backdoor malware known as CLNTEND. This group, previously linked to attacks on Taiwanese defense firms, has been active since July 2024, utilizing DLL side-loading techniques to distribute malware through compromised ERP systems developed by small companies. The malware supports various communication protocols and is designed to evade detection through obfuscation methods. ASEC advises users to enhance security measures and keep their software updated to mitigate risks associated with these attacks.

Source
{entry.data.source.title}
Original