Tag: Kimsuky
-
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called …
-
GitHub Abused by Kimsuky Hackers Delivering Malware Through LNK Files
GitHub repositories for malware delivery through sophisticated weaponized LNK files, according to recent analysis by S2W’s Threat …
-
Kimsuky Hackers’ Playbook Uncovered in Exposed ‘Kim’ Data Dump
A rare breach attributed to a North Korean–affiliated actor named “Kim” by the leakers has unveiled unprecedented insight into …
-
Kimsuky APT Exposed: GPKI Certificates, Rootkits, and Cobalt Strike Assets Uncovered
A comprehensive operational dump from the North Korean Kimsuky APT organization, also known as APT43, Thallium, or Velvet Chollima, …
-
North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware
The Trellix Advanced Research Center exposed a DPRK-linked espionage operation attributed to the Kimsuky group (APT43), targeting …
-
Kimsuky APT Uses LNK Files to Deploy Reflective Malware and Evade Windows Defender
The North Korean state-sponsored group Kimsuky, also known as APT43, Thallium, and Velvet Chollima, has been accused of launching a recent …
-
New Kimsuky campaign takes aim on social media users
North Korean state-sponsored advanced persistent threat group Kimsuky has leveraged Facebook, Telegram, and email to compromise South …
-
Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT
Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent Threat …
-
Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns
The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black Banshee,” has been active since …
-
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky …
-
PowerShell exploited in new Kimsuky intrusions
After establishing trust with targets through the spoofing of a South Korean government official, Kimsuky — also known as APT43, …
-
Kimsuky shifts tactics from traditional backdoors to RDP, proxies
The North Korean threat group Kimsuky recently shifted tactics away from traditional backdoors to leveraging the remote desktop protocol …
