Threat Research

    Famous Chollima Deploying Python Version of GolangGhost RAT

    In May 2025, the North Korean-aligned threat actor Famous Chollima began deploying a Python-based version of their remote access trojan (RAT) called PylangGhost, which shares many capabilities with the previously known GolangGhost RAT. The Python RAT targets Windows systems, while the Golang version continues to target MacOS users....
    6/19/2025  0
    Read More »

    Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations

    Multiple Russian IP address ranges—masked through VPNs, proxy servers, and VPS infrastructure—are being used in cybercrime operations aligned with North Korea's Void Dokkaebi group (also known as Famous Chollima). These IPs are linked to companies near the North Korea-Russia border and support IT workers operating from countries like China, Russia, and Pakistan....
    4/24/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.