Kimsuky Phishing Operations Putting In Work
Contents
Wayback Machine
https://threatconnect.com/blog/kimsuky-phishing-operations-putting-in-work/
10 captures
29 Oct 2020 - 28 Jun 2022
OCT NOV JAN
Previous capture 03 Next capture
2019 2020 2022
About this capture
Solution
Integrations
Partners
Resources
Company
Blog
REQUEST A DEMO
LOGIN
09.28.20
Kimsuky Phishing Operations Putting In Work
IN BLOG, FEATURED ARTICLE, THREAT RESEARCH | BY THREATCONNECT RESEARCH TEAM
Executive Summary
Recently, an international NGO that provides threat sharing and analysis support to frequently targeted communities reached out to ThreatConnect wanting to learn more about the origins of a targeted phishing attack they were researching. Researching both the attacker’s infrastructure and tooling, we believe the nexus of the attack to be DPRK’s Kimsuky group (aka Velvet Chollima). Kimsuky is notorious for their phishing efforts; researchers even dubbed this group the “King of Spear Phishing” in a 2019 VirusBulletin paper. They are also believed to be behind the attacks on Korea Hydro & Nuclear Power in 2014. The potential targets identified in this research range from journalism to civil society organizations. We suspect the …
https://threatconnect.com/blog/kimsuky-phishing-operations-putting-in-work/
10 captures
29 Oct 2020 - 28 Jun 2022
OCT NOV JAN
Previous capture 03 Next capture
2019 2020 2022
About this capture
Solution
Integrations
Partners
Resources
Company
Blog
REQUEST A DEMO
LOGIN
09.28.20
Kimsuky Phishing Operations Putting In Work
IN BLOG, FEATURED ARTICLE, THREAT RESEARCH | BY THREATCONNECT RESEARCH TEAM
Executive Summary
Recently, an international NGO that provides threat sharing and analysis support to frequently targeted communities reached out to ThreatConnect wanting to learn more about the origins of a targeted phishing attack they were researching. Researching both the attacker’s infrastructure and tooling, we believe the nexus of the attack to be DPRK’s Kimsuky group (aka Velvet Chollima). Kimsuky is notorious for their phishing efforts; researchers even dubbed this group the “King of Spear Phishing” in a 2019 VirusBulletin paper. They are also believed to be behind the attacks on Korea Hydro & Nuclear Power in 2014. The potential targets identified in this research range from journalism to civil society organizations. We suspect the …