Right now we're working on a new Netsky variant which was found this evening.

As the author of the original Netsky family is out of business, these recent Netskies all seem to be hacks made by third parties. Tonight's variant contains two hidden strings: "SoonChunHyang" and "Bucheon".


Well, turns out there's a University called SoonChunHyang in the city of Bucheon, South Korea. So I'd guess this variant has something to do with South Korea.

We're just about to add detection of this thing as Netsky.AG. It also drops a keylogger which we will detect with some generic name.