NukeSped Malware Exploiting Apache ActiveMQ Vulnerability

siteadmin November 27, 2023

The Andariel threat group is exploiting the Apache ActiveMQ remote code execution vulnerability, tracked as CVE-2023-46604, to install the NukeSped and TigerRat backdoors on systems. The group primarily targets South Korean institutions and enterprises, including national defense, political groups, energy, telecommunications, and more. Researchers recommend that users and corporate security staff update their systems and applications and be cautious when downloading executable files from unidentified sources.