Kimsuky targets South Korean entities with phishing campaign

Threat Advisories

Kimsuky targets South Korean entities with phishing campaign

Threat Level
Actor Report

For a detailed threat advisory, download the pdf file here

Summary

As of 2010, Kimsuky has targeted the governments, think tanks, media, and education entities of the United States and South Korea. Early in 2022, a new attack cluster GoldDragon was observed targeting media and a South Korean think-tank. As part of its new cluster, the actor sends spear-phishing emails with macro-embedded Word documents.

Sign up to receive our Weekly Threat Digest