Hackers Weaponize PuTTY SSH Client to Deploy Backdoors & Establish Communication Over WhatsApp

From cybersecuritynews.com

Hackers Weaponize PuTTY SSH

The adversaries from North Korea are deploying critical backdoors on the devices of targets by using trojanized versions of the PuTTY SSH client. Posing as a fake Amazon job application to put backdoors onto their devices.

It is an interesting element in this campaign that a trojanized version of the PuTTY and KiTTY SSH utilities has been used as a means of deploying a backdoor. While in this case, the PuTTY and KiTTY SSH utility is ‘AIRDRY.V2’.

Read more…