Security News > 2023 > June > NSA and FBI: Kimsuky hackers pose as journalists to steal intel
State-sponsored North Korean hacker group Kimsuky has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations.
Kimsuky hackers meticulously plan and execute their spear-phishing attacks by using email addresses that closely resemble those of real individuals and by crafting convincing, realistic content for the communication with the target.
"For over a decade, Kimsuky actors have continued to refine their social engineering techniques and made their spear-phishing efforts increasingly difficult to discern," warns the advisory.
In many cases, the hackers impersonate journalists and writers to inquire about current political events in the Korean peninsula, the North Korean weapons program, U.S. talks, China's stance, and more.
If the target does not respond to these emails, Kimsuky returns with a follow-up message after a couple of days.
The FBI says that despite the adversary's efforts, the English emails sometimes have an sentence structure and may contain entire excerpts from the victim's previous communication with legitimate contacts, which had been stolen.
News URL
Related news
- China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws (source)
- Intel robustly refutes China's accusations it bakes in NSA backdoors (source)
- Intel hits back at China's accusations it bakes in NSA backdoors (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 (source)