lazarusholic

Everyday is lazarus.dayβ

NickelKimball

SecureWorks
https://www.secureworks.com/research/threat-profiles/nickel-kimball
"NICKEL KIMBALL has operated on behalf of the North Korean government since at least 2012. It primarily targets non-governmental organizations (NGOs), think tanks, diplomatic agencies, military organizations, economic groups, and research entities, particularly those involved with North Korean policy and relations. The group originally appeared to focus on South Korean organizations before expanding to similar organizations in other countries. The threat actors also seek to obtain access to online accounts and networks to track North Korean defectors and their relatives."

- SecureWorks, https://www.secureworks.com/research/threat-profiles/nickel-kimball

Also known as

 
Name Named by AKA First seen Last seen
APT-C-55 Qihoo360 Kimsuky 2021-11-19 2025-02-11
APT-Q-2 Qianxin Kimsuky 2022-03-23 2024-06-20
APT43 Mandiant Kimsuky 2023-03-28 2025-02-12
BlackBanshee PWC Kimsuky 2020-02-18 2022-04-29
Cerium Microsoft Kimsuky 2021-10-07 2022-11-07
CloudDragon TeamT5 Kimsuky 2021-05-07 2023-05-12
DarkPeony NTTSecurity Kimsuky 2024-06-05 2024-06-13
DarkPlum NTTSecurity Kimsuky 2024-10-03 2024-11-19
EarthKumiho TrendMicro Kimsuky 2022-05-10 2025-03-18
G0094 MITRE Kimsuky 2019-08-26 2019-08-26
ITG16 IBM Kimsuky - -
KTA082 Kroll Kimsuky 2024-03-05 2024-03-05
KimDragon TeamT5 Kimsuky 2021-05-07 2021-05-07
Kimsuky Kaspersky - 2013-09-11 2025-03-19
Larva-24005 Ahnlab Kimsuky 2025-02-27 2025-02-27
NNPTGroup SelfGiven Kimsuky 2014-12-15 2015-04-02
NickelKimball SecureWorks Kimsuky - 2024-10-08
Phisherman KRCERT Kimsuky 2020-02-29 -
RGB-D5 IssuemakersLab Kimsuky 2020-04-08 2020-12-24
RedKim KRCERT Kimsuky - -
SectorA05 NSHC Kimsuky 2019-01-10 2025-03-17
SeedpuNK S2W Kimsuky 2024-10-02 2024-10-02
SharpTongue Volexity Kimsuky 2022-07-28 2023-10-05
SparklingPisces PaloaltoNetworks Kimsuky 2024-09-09 2024-09-26
Springtail Symantec Kimsuky 2024-03-20 2024-05-16
TA408 Proofpoint Kimsuky 2021-11-19 2021-11-19
TA427 Proofpoint Kimsuky 2021-11-19 2024-04-20
TAG-46 RecordedFuture Kimsuky 2024-01-10 2024-01-10
TAG-66 RecordedFuture Kimsuky 2024-01-10 2024-01-10
Thallium Microsoft Kimsuky 2019-12-30 2022-02-16
UAT-5394 CiscoTalos Kimsuky 2024-08-21 2024-09-02
UNC1130 Mandiant Kimsuky 2021-08-18 2022-08-18
VelvetChollima CrowdStrike Kimsuky 2019-02-19 2025-02-21
puNK-004 S2W Kimsuky 2025-03-13 2025-03-13

Reports