Security News > 2023 > June > NSA and FBI: Kimsuky hackers pose as journalists to steal intel

NSA and FBI: Kimsuky hackers pose as journalists to steal intel
2023-06-02 18:07

State-sponsored North Korean hacker group Kimsuky has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations.

Kimsuky hackers meticulously plan and execute their spear-phishing attacks by using email addresses that closely resemble those of real individuals and by crafting convincing, realistic content for the communication with the target.

"For over a decade, Kimsuky actors have continued to refine their social engineering techniques and made their spear-phishing efforts increasingly difficult to discern," warns the advisory.

In many cases, the hackers impersonate journalists and writers to inquire about current political events in the Korean peninsula, the North Korean weapons program, U.S. talks, China's stance, and more.

If the target does not respond to these emails, Kimsuky returns with a follow-up message after a couple of days.

The FBI says that despite the adversary's efforts, the English emails sometimes have an sentence structure and may contain entire excerpts from the victim's previous communication with legitimate contacts, which had been stolen.


News URL

https://www.bleepingcomputer.com/news/security/nsa-and-fbi-kimsuky-hackers-pose-as-journalists-to-steal-intel/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Intel 6314 31 755 708 45 1539
NSA 2 0 2 7 5 14