Major South Korean electronics manufacturer hit by data theft breach
Incident
Summary
Hide ▲
Show ▼
A major South Korean electronics manufacturer suffered a week-long intrusion in February 2026, giving attackers time to conduct reconnaissance, credential theft, and data exfiltration. The compromise is tied to MuddyWater activity and used DLL sideloading to blend malicious code into legitimate software. Because the intruders maintained access for days, the event creates risk for industrial secrets and downstream network access.
Related Happenings
Mistic backdoor attack activity targeting enterprise sectors since April
Malware Activity
H score33
First: 24.06.2026 13:41
Last: 24.06.2026 13:41
Sources 1
About this happening:
The **Mistic** backdoor is being used in **financially motivated attacks** against **insurance, education, IT, and professional services** organizations, giving operators a stealt...
Mistic backdoor attack activity targeting enterprise sectors since April
Malware ActivityAbout this happening: The **Mistic** backdoor is being used in **financially motivated attacks** against **insurance, education, IT, and professional services** organizations, giving operators a stealt...
Backdoor.Turn Microsoft Teams TURN relay malware activity
Malware Activity
H score29
First: 16.06.2026 13:18
Last: 16.06.2026 13:18
Sources 1
About this happening:
**Backdoor.Turn** is a **Go-based RAT** tied to **DragonForce ransomware** operators that hid command-and-control traffic through **Microsoft Teams TURN relay infrastructure** dur...
Backdoor.Turn Microsoft Teams TURN relay malware activity
Malware ActivityAbout this happening: **Backdoor.Turn** is a **Go-based RAT** tied to **DragonForce ransomware** operators that hid command-and-control traffic through **Microsoft Teams TURN relay infrastructure** dur...
Major U.S. services company hit by ransomware attack linked to DragonForce
Incident
H score38
First: 16.06.2026 13:18
Last: 16.06.2026 13:18
Sources 1
About this happening:
A **DragonForce ransomware** incident hit a **major U.S. services firm** in **December 2025**, with attackers maintaining access for **one to two months** and hiding **command-and...
Major U.S. services company hit by ransomware attack linked to DragonForce
IncidentAbout this happening: A **DragonForce ransomware** incident hit a **major U.S. services firm** in **December 2025**, with attackers maintaining access for **one to two months** and hiding **command-and...
MuddyWater broad cyber-espionage campaign across sectors and countries
Campaign
H score37
First: 14.05.2026 00:59
Last: 14.05.2026 00:59
Sources 1
How related:
The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries.
About this happening:
**MuddyWater** was tied to a **2026 espionage campaign** affecting **at least nine organizations** across **nine countries** on **four continents**, with victims in **industrial a...
MuddyWater broad cyber-espionage campaign across sectors and countries
CampaignHow related: The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries.
About this happening: **MuddyWater** was tied to a **2026 espionage campaign** affecting **at least nine organizations** across **nine countries** on **four continents**, with victims in **industrial a...
PCPJack credential theft framework worms across exposed cloud infrastructure
Malware Activity
H score27
First: 08.05.2026 12:00
Last: 08.05.2026 12:00
Sources 1
About this happening:
The **PCPJack** malware activity is extending a **credential-theft** operation across **exposed cloud infrastructure**, stripping **TeamPCP** artifacts and stealing access from se...
PCPJack credential theft framework worms across exposed cloud infrastructure
Malware ActivityAbout this happening: The **PCPJack** malware activity is extending a **credential-theft** operation across **exposed cloud infrastructure**, stripping **TeamPCP** artifacts and stealing access from se...
Timeline
-
14.05.2026 00:59 2 articles · 1mo ago
Major South Korean electronics manufacturer hit by data theft breach
Initial DisclosureDuring the initial phase in **late February 2026**, attackers established a foothold inside the electronics manufacturer's network and began **host and domain reconnaissance**. They then used **DLL sideloading** and legitimate binaries to run malicious code while preparing for credential theft and persistence.
Show sources
- Iranian hackers targeted major South Korean electronics maker — www.bleepingcomputer.com — 14.05.2026 00:59
- Iranian hackers targeted major South Korean electronics maker — www.bleepingcomputer.com — 14.05.2026 00:59