Security News > 2024 > July > Japan warns of attacks linked to North Korean Kimsuky hackers
Japan's Computer Emergency Response Team Coordination Center is warning that Japanese organizations are being targeted in attacks by the North Korean 'Kimsuky' threat actors.
The US government has attributed Kimsuky as a North Korean advanced persistent threat group that conducts attacks against targets worldwide to gather intelligence on topics of interest to the North Korean government.
Japan says Kimsuky attacks were detected earlier this year, and attribution was based on indicators of compromise shared by AhnLab Security Intelligence Center in two separate reports.
"JPCERT/CC has confirmed attack activities targeting Japanese organizations by an attack group called Kimsuky in March 2024," warns the JPCERT. Starts with phishing.
The attackers start their attacks by sending phishing emails impersonating security and diplomatic organizations to targets in Japan, carrying a malicious ZIP attachment.
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea.
News URL
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)