Security News > 2024 > July > Japan warns of attacks linked to North Korean Kimsuky hackers
Japan's Computer Emergency Response Team Coordination Center is warning that Japanese organizations are being targeted in attacks by the North Korean 'Kimsuky' threat actors.
The US government has attributed Kimsuky as a North Korean advanced persistent threat group that conducts attacks against targets worldwide to gather intelligence on topics of interest to the North Korean government.
Japan says Kimsuky attacks were detected earlier this year, and attribution was based on indicators of compromise shared by AhnLab Security Intelligence Center in two separate reports.
"JPCERT/CC has confirmed attack activities targeting Japanese organizations by an attack group called Kimsuky in March 2024," warns the JPCERT. Starts with phishing.
The attackers start their attacks by sending phishing emails impersonating security and diplomatic organizations to targets in Japan, carrying a malicious ZIP attachment.
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea.
News URL
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- North Korean hackers stole $1.3 billion worth of crypto this year (source)
- North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin (source)