lazarusholic

BlueMoonSoft

Summary

In April 2025, the North Korean hacking group Kimsuky exploited a stolen code-signing certificate from South Korean software company Blue Moon Soft to distribute malware disguised as legitimate software. This breach allowed the attackers to sign malicious code, making it appear trustworthy to security systems and users. The compromised certificate was used to target various South Korean institutions, including the Korea Institute of Machinery and Materials.

Reports