Security News > 2024 > July > Japan warns of attacks linked to North Korean Kimsuky hackers
Japan's Computer Emergency Response Team Coordination Center is warning that Japanese organizations are being targeted in attacks by the North Korean 'Kimsuky' threat actors.
The US government has attributed Kimsuky as a North Korean advanced persistent threat group that conducts attacks against targets worldwide to gather intelligence on topics of interest to the North Korean government.
Japan says Kimsuky attacks were detected earlier this year, and attribution was based on indicators of compromise shared by AhnLab Security Intelligence Center in two separate reports.
"JPCERT/CC has confirmed attack activities targeting Japanese organizations by an attack group called Kimsuky in March 2024," warns the JPCERT. Starts with phishing.
The attackers start their attacks by sending phishing emails impersonating security and diplomatic organizations to targets in Japan, carrying a malicious ZIP attachment.
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea.
News URL
Related news
- KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack (source)
- North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks (source)
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals (source)
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics (source)
- Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks (source)
- CoinStats says North Korean hackers breached 1,590 crypto wallets (source)
- Hackers attack HFS servers to drop malware and Monero miners (source)
- Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks (source)
- Chinese APT40 hackers hijack SOHO routers to launch attacks (source)