QR Code Chaos: North Korean Malware Targets Android Users with Fake Delivery Apps

Kimsuky, the North Korean cyber trickster, is back with a new Android malware called DocSwap, spread via phishing sites mimicking CJ Logistics. Victims are lured through QR codes, installing an app that spies on their every move. It’s like downloading a nosy roommate you never wanted! Stay vigilant and avoid suspicious QR codes.

Hot Take:

Looks like Kimsuky is back at it again, trading in the traditional spycraft for some high-tech malarkey. They’ve ditched the trench coats and fedoras for QR codes and Android malware, hoping to catch a few more victims than the last phishing expedition. Who knew all it took to become a 21st-century cyber-spy was a little creativity and a lot of malicious code?

Key Points:

  • Kimsuky, a North Korean threat actor, has been linked to distributing Android malware via QR codes.
  • The malware, dubbed DocSwap, is disseminated through phishing sites mimicking CJ Logistics.
  • The attack involves tricking victims into installing malicious apps by claiming they are legitimate delivery services.
  • The malware can log keystrokes, capture audio, and perform a variety of other malicious activities.
  • Phishing sites also mimic popular South Korean platforms to harvest user credentials.

The Nimble Nerd