Daily NewsMobile & WirelessThreat Detection & Defense

Korea-Based Genians Detects Massive Malware Distribution, Attributes It to Hacking Group ‘Konni’

Evolving Hacking Tactics Adding to the Dangers of Today's Already Threat-Infested Digital Landscape

Genians, a cybersecurity company based in South Korea, has reported a massive malware distribution in the country. According to Genians’ threat analysis report, “State-Sponsored Remote Wipe Tactics Targeting Android Devices,” the company had “identified signs of a large-scale malware distribution campaign involving simultaneous attacks on smartphones, tablets, and PCs.”

The Genians report also attributed the large-scale cyberattack to North Korea-based Konni, a hacking group reportedly linked to Kimsuky and APT37. Both Kimsuky and APT37 are said to operate under North Korea’s Reconnaissance General Bureau.

Genians Outlines How the Attack Was Carried Out

According to Genians’ report, the attack began on 5 September 2025, when hackers infiltrated the smartphone of a local psychological counsellor. The initial attack supposedly spread malicious code disguised as a “stress relief app” to the counsellor’s contacts via the messaging platform KakaoTalk. A second wave of attacks followed on 15 September 2025, this time with the perpetrators using another victim’s KakaoTalk account to distribute malware to 36 people.

The hackers then monitored the victims’ GPS through Find Hub, a GPS-based tool that helps users locate lost or stolen devices. Once the victims were outside their homes, the hackers remotely controlled the former’s communication platforms, whether on their PCs or on their tablets, to spread malicious code. They also wiped the victims’ smartphones to disable communication to delay response efforts.

“This is the first known case in which hackers simultaneously stole user accounts and disabled multiple devices,” said a Genians official, who also noted that “North Korean hacking techniques are becoming increasingly sophisticated.”

Vigilance Is Key as Hacking Evolves

In light of the attack, Genians has also outlined measures to take, including the following:

  • Enable two-step verifications where applicable.
  • Turn off PCs and other similar gadgets when leaving the house.
  • Verify the safety of files shared through messaging or communication platforms such as KakaoTalk.

These measures are more critical now than ever given how hacking tactics are evolving and becoming more advanced and sophisticated. Generative AI, in particular, could lead to more realistic and more dangerous deepfakes and hyper-personalised phishing campaigns—making vigilance and cyber safety a premium nowadays.

Martin Dale Bolima

Martin has been a Technology Journalist at Asia Online Publishing Group (AOPG) since July 2021, tasked primarily to handle the company’s Disruptive Tech Asia and Disruptive Tech News online portals. He also contributes to Cybersecurity ASEAN and Data&Storage ASEAN, with his main areas of interest being artificial intelligence and machine learning, cloud computing and cybersecurity. A seasoned writer and editor, Martin holds a degree in Journalism from the University of Santo Tomas in the Philippines. He began his professional career back in 2006 as a writer-editor for the University Press of First Asia, one of the premier academic publishers in the Philippines. He next dabbled in digital marketing as an SEO writer while also freelancing as a sports and features writer.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *