The FBI has issued an alert to warn organizations of an evolving spearphishing threat from the North Korean state-sponsored cyber actor Kimsuky (also tracked as APT43) that uses malicious QR codes to bypass traditional defenses and steal credentials and session tokens.
According to the alert, the threat group is embedding malicious URLs inside QR codes delivered via highly tailored spearphishing emails — a tactic known as “quishing.”
By forcing targets to scan QR codes with a mobile device, th
