Executive Summary A sustained quishing (QR-code phishing) campaign conducted by the North Korea–linked APT group Kimsuky (aka Larva-24005) has been actively targeting government, defense, and critical infrastructure organizations. According to a recent FBI warning, Kimsuky operators embed malicious QR codes in emails and documents to redirect victims to attacker-controlled infrastructure, enabling credential harvesting, malware delivery, […]
The post Silent Scan, Stolen Secrets: Kimsuky’s QR-Code Phishing Campaign appeared first on SecPod Blog.
