North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Talos researchers uncovered the infrastructure used by the North Korea-linked APT group tracked as UAT-5394, which experts suspect is linked to the Kimsuky APT group. The infrastructure includes staging, C2 servers, […]
South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea’s national security and intelligence agencies, including the National Intelligence Service, the Prosecutor’s Office, the Police Agency, the Military Intelligence Command, and the Cyber Operations Command, have issued a joint cybersecurity advisory to warn that […]
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware is a version of the GoBear backdoor which was delivered in a recent campaign by […]
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genians Security Center (GSC) identified a new attack strategy by the North Korea-linked Kimsuky APT group and collaborated with the Korea Internet & Security Agency (KISA) for analysis and response. The nation-state actor attack used a fake account […]
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities. The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities to steal defense technology information. North Korea-linked APT groups Lazarus, Andariel, and Kimsuky hacked multiple defense companies in South […]
The US Department of the Treasuryâs Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky. The US Department of the Treasuryâs Office of Foreign Assets Control (OFAC) this week announced sanctions against the North Korea-linked APT group Kimsuky. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in […]
North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea military exercise. The news was reported by the South Korean police on Sunday, the law enforcement also added that […]
North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. The attacks are part of a broader campaign recently detailed in a joint advisory published by […]
North Korea-linked APT group Kimsuky is posing as journalists to gather intelligence, a joint advisory from NSA and FBI warns. A joint advisory from the FBI, the U.S. Department of State, the National Security Agency (NSA), South Koreaâs National Intelligence Service (NIS), National Police Agency (NPA), and the Ministry of Foreign Affairs (MOFA), warns that North-Korea-linked Kimsuky APT […]
The Korean National Police Agency (KNPA) warns that a North Korea-linked APT group had breached the Seoul National University Hospital (SNUH). The Korean National Police Agency (KNPA) revealed that a North Korea-linked APT group has breached one of the largest hospitals in the country, the Seoul National University Hospital (SNUH). The security breach took place […]