Kroll has uncovered a sophisticated cyberattack leveraging vulnerabilities in ConnectWise ScreenConnect software to deploy a variant of the BabyShark malware dubbed ToddlerShark. This targeted campaign exploits ScreenConnect flaws in the remote access tool to gain unauthorized access and deliver the malicious payload. Diving into details The North Korean APT group Kimsuky is reportedly exploiting ScreenConnect […]
The North Korean hacking group Kimsuky is using newly disclosed ScreenConnect vulnerabilities to deploy a polymorphic malware variant called ToddleShark for espionage and data theft.
The attackers are targeting healthcare organizations in the U.S. using local ScreenConnect instances used by Transaction Data Systems (TDS), a pharmacy supply chain and management systems solution provider.