Similar AhnLab Response Cases Regarding Korea-US Joint Cyber Security Advice

On June 2nd, the Korean NIS (National Intelligence Service), NPA (National Police Agency), and MOFA (Ministry of Foreign Affairs) released a joint security advisory regarding the spear phishing attacks of North Korea’s Kimsuky group with the US FBI (Federal Bureau of Investigation), DoS (Department of State), and NSA (National Security Agency). The government agencies stated that the act was done to raise awareness of members of global think tanks, academic institutions, and media companies on CNE (Computer Network Exploitation) using social engineering, adding that the group usually impersonates reporters, scholars, or individuals with connections to groups handling North Korea-related policies to launch spear phishing attacks by email.

  • Title: North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media
  • Security Advisory: National Security Agency (NSA) Link

While the IOCs have not been released, AhnLab Security Emergency response Center (ASEC) had published articles in the past about social engineering methods employed by the Kimsuky hacking group similar to the published details.

[ASEC Blog URLs]

Uploaded Date Post Title Link
May 18, 2023 Kimsuky’s Attack Attempts Disguised as Press Releases of Various Topics Link
May 16, 2023 Kimsuky Group’s Phishing Attacks Targeting North Korea-Related Personnel Link
Mar. 23, 2023 Kimsuky Group Distributes Malware Disguised as Profile Template (GitHub) Link
Mar. 8, 2023 CHM Malware Disguised as North Korea-related Questionnaire (Kimsuky) Link
Nov. 16, 2022 Malicious Word Document Being Distributed in Disguise of a News Survey Link
Aug. 19, 2022 Malicious Word Files Targeting Specific Individuals Related to North Korea Link
July 26, 2022 Word File Provided as External Link When Replying to Attacker’s Email (Kimsuky) Link
Apr. 27, 2022 Word Files Related to Diplomacy and National Defense Being Distributed Link

Subscribe to AhnLab’s next-generation threat intelligence platform ‘AhnLab TIP’ to check related IOC and detailed analysis information.

5 1 vote
Article Rating
Notify of

1 Comment
Inline Feedbacks
View all comments

[…] post Similar AhnLab Response Cases Regarding Korea-US Joint Cyber Security Advice appeared first on ASEC […]