North Korean hacker group KONNI uses Google Find Hub feature for the first time to remotely wipe data from Android devices
ChainCatcher reported that security researchers have discovered a new attack method developed by the North Korean hacker group KONNI, which for the first time uses Google's Find Hub asset tracking feature to carry out remote data wipe attacks on Android devices.
The attackers disguised themselves as psychological counselors and human rights activists, distributing malware called "Stress Relief Program" via the KakaoTalk communication platform in South Korea. Once victims execute these files, the attackers steal Google account credentials, use the Find Hub feature to track device locations, and perform remote resets, resulting in the deletion of personal data.
This attack has been confirmed as a follow-up action of the KONNI APT campaign, which is closely linked to the North Korean government-backed Kimsuky and APT 37 groups. Security experts recommend that users strengthen account security, enable two-factor authentication, and remain vigilant about files received through instant messaging tools.
