A document purporting to be about the planned June summit between President Trump and North Korean leader Kim Jong-Un is being used as a lure for downloading malware. The decoy document is a Hangul Word Processor document titled “Prospects for US-North Korea Summit” It contains an Encapsulated PostScript object designed to download and execute a remote access Trojan that Talos has dubbed NavRAT. The Trojan is downloaded from a legitimate Korean website that appears to have been compromised and used to host the malware. North Korea’s Group 123 is believed to be behind new malware activity targeting users in South Korea.”]