Kimsuky, the notorious North Korean nation-state threat actor, has been linked to a social engineering campaign targeting experts on North Korean affairs in order to steal Google credentials and deliver reconnaissance malware. Using spoofed URLs, websites imitating legitimate web platforms, and Office documents weaponized with ReconShark malware, Kimsuky engages in extensive email correspondence. The activity shows […]
The post Kimsuky Strikes Again: New Campaign Targets Credentials and Intelligence appeared first on Heimdal Security Blog.