Security News > 2023 > June > North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

"Successful compromises of the targeted individuals enable Kimsuky actors to craft more credible and effective spear-phishing emails that can be leveraged against sensitive, high-value targets."

Kimsuky refers to an ancillary element within North Korea's Reconnaissance General Bureau and is known to collect tactical intelligence on geopolitical events and negotiations affecting the regime's interests.

The goal of the Kimsuky's cyber programs, the officials said, is to gain illicit access as well as provide stolen data and valuable geopolitical insight to the North Korean government.

Kimsuky has been observed leveraging open source information to identify potential targets of interest and subsequently craft their online personas to appear more legitimate by creating email addresses that resemble email addresses of real individuals they seek to impersonate.

"Kimsuky actors tailor their themes to their target's interests and will update their content to reflect current events discussed among the community of North Korea watchers."

Earlier this March, German and South Korean government authorities sounded the alarm about cyber attacks mounted by Kimsuky that entail the use of rogue browser extensions to steal users' Gmail inboxes.

News URL

https://thehackernews.com/2023/06/north-koreas-kimsuky-group-mimics-key.html