North Korea-associated advanced persistent threat group TA406, aka Kimsuky or Thallium, has ramped up its cyberespionage operations in 2021, targeting diplomats and
North Korean APT Group Steps Up Espionage Ops in 2021 govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
APT Group Kimsuky Has New Attack Technique, Researchers Say
Compliance
@prajeetspeaks) • June 9, 2021 Get Permission
Researchers at Malwarebytes have uncovered the latest tactics, techniques and procedures used by the North Korean threat group Kimsuky, also known as Thallium, Black Banshee and Velvet Chollima, as it continues to launch espionage attacks. This time it is using an AppleSeed backdoor.
The Kimsuky group, which has been active since 2012, primarily focuses on government entities in South Korea, but also conducts espionage campaigns against targets in the U.S. and Japan.
The Malwarebytes Threat Intelligence team has been monitoring Kimsuky activities and was able to spot its phishing websites, malicious documents and scripts used to target high-profile people within the government of South Korea.