New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
03 November 2025
The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea.
Gen Digital, which disclosed details of the activity, did not reveal any details on when the incident occurred, but noted that the phishing email contained a ZIP file ("250908_A_HK이노션