Security News > 2024 > December > North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
2024-12-03 09:51
The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Korea until early September," South Korean cybersecurity company Genians said. "Then, from mid-September,
News URL
https://thehackernews.com/2024/12/north-korean-kimsuky-hackers-use.html
Related news
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)