A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korearelated actors, shows a clear evolution from earlier, less obfuscated XenoRAT-delivery campaigns observed since 2024. In […] The post North Korea Uses GitHub as C2 in New LNK Phishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/lnk-phishing-campaign/
