U.S., S. Korea Issue Alert On Threats Posed By N. Korean Hacker Kimsuky

U.S. and South Korean authorities have warned about the social engineering and hacking threats posed by the North Korean state-backed hacker group Kimsuky.

Thursday, the U.S. Department of State, the Federal Bureau of Investigation, and the National Security Agency together with partners from the South Korean Ministry of Foreign Affairs, National Police Agency, and National Intelligence Service jointly released a Cybersecurity Advisory.

Kimsuky, also known as Velvet Chollima and Black Banshee, conducts large-scale social engineering campaigns targeting think tanks, academic institutions, and news outlets, which are manipulated and compromised for the purpose of intelligence gathering.

According to the U.S. Cybersecurity and Infrastructure Security Agency, Kimsuky has likely been active since 2012.

The joint Cybersecurity Advisory provides detailed information on how Kimsuky actors operate, warning signs of spear phishing campaigns, and mitigation measures that can be implemented to enhance network security against Kimsuky operations.

The U.S. State Department urged victims of spear phishing campaigns by Kimsuky to report the incident to www.ic3.gov and reference #KimsukyCSA in the description.

In March, South Korean and German authorities warned that Kimsuky is spreading malicious Chrome extensions that targeted Gmail accounts and an Android spyware that served as a remote access trojan.

Meanwhile, in response to Pyongyang’s failed attempt to launch a military reconnaissance satellite earlier this week, South Korea imposed new sanctions against Kimsuky on Friday.

“It [Kimsuky] has collected intelligence from individuals and institutions in diplomacy, security, and national defense and has provided it to the North Korean regime,” the South Korean Foreign Ministry said in a press release Friday. “In addition, North Korean hacking organizations, including ‘Kimsuky,’ have been directly or indirectly involved in developing North Korea’s so-called ‘satellite’ by stealing advanced technologies globally related to weapons development, artificial satellites, and space.”

Source: Read Full Article