North Korean Hackers Use EtherHiding for Malware Distribution

Source: The Hacker News

The Google Threat Intelligence Group (GTIG) has linked the malicious activity to a threat actor cluster known as UNC5342. The tactic, identified as EtherHiding, is a novel approach for state-sponsored groups seeking to obfuscate their criminal activities, giving them a layer of stealth while they conduct cyber theft operations.

This incident underscores the evolving nature of cyber threats from state-sponsored entities, particularly those with ties to North Korea. By adopting innovative methods such as EtherHiding, which blends malicious activity with legitimate network traffic, these actors can make their cyber operations more effective. The implications are significant: such techniques can complicate detection and mitigation efforts by cybersecurity professionals, raising the risk for potential targets.

👉 Read the original: The Hacker News