North Korean APT Kimsuky aka Black Banshee – Active IOCs
Contents
Analysis Summary
Kimsuky is a North Korean advanced persistent threat (APT) group, also known as "Black Banshee". The group has been active since at least 2012 and is believed to be state-sponsored. Kimsuky is known for conducting cyber espionage operations and targeting organizations and individuals in various countries, including South Korea, Japan, and the United States. The group has been observed using various techniques to compromise its targets, such as phishing attacks, malware infections, and supply chain attacks. The group's ultimate goals and motivations are not well understood, but they are generally believed to be focused on intelligence gathering and political or economic gain. The tactics, techniques, and procedures (TTPs) used by the Kimsuky APT group are constantly evolving, but some of their most commonly used methods include:
- Phishing attacks: The group has been known to send phishing emails that contain malicious attachments or links to compromised websites.
- Malware infections: Kimsuky …
Kimsuky is a North Korean advanced persistent threat (APT) group, also known as "Black Banshee". The group has been active since at least 2012 and is believed to be state-sponsored. Kimsuky is known for conducting cyber espionage operations and targeting organizations and individuals in various countries, including South Korea, Japan, and the United States. The group has been observed using various techniques to compromise its targets, such as phishing attacks, malware infections, and supply chain attacks. The group's ultimate goals and motivations are not well understood, but they are generally believed to be focused on intelligence gathering and political or economic gain. The tactics, techniques, and procedures (TTPs) used by the Kimsuky APT group are constantly evolving, but some of their most commonly used methods include:
- Phishing attacks: The group has been known to send phishing emails that contain malicious attachments or links to compromised websites.
- Malware infections: Kimsuky …
IoC
https://bit-albania.com/templates/hacker/css.php?na=sam1
https://bit-albania.com/templates/hacker/css.php?na=xam1
315d3f8ead6f173261c06c04b385737bb7a03c12
d11b41aee220b451393598677d7e62b4ff8fb1989bcdea4a9a25a6d207c5aa39
548c04abddb39c52136d29cf54921fa3
https://bit-albania.com/templates/hacker/css.php?na=xam1
315d3f8ead6f173261c06c04b385737bb7a03c12
d11b41aee220b451393598677d7e62b4ff8fb1989bcdea4a9a25a6d207c5aa39
548c04abddb39c52136d29cf54921fa3