Kimsuky targets South Korean entities with phishing campaign

Threat Advisories

Kimsuky targets South Korean entities with phishing campaign

August 26, 2022
Threat Level
Amber
Actor Report

For a detailed threat advisory, download the pdf file here

Summary

As of 2010, Kimsuky has targeted the governments, think tanks, media, and education entities of the United States and South Korea. Early in 2022, a new attack cluster GoldDragon was observed targeting media and a South Korean think-tank. As part of its new cluster, the actor sends spear-phishing emails with macro-embedded Word documents.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest