APT Malware Trend

2023 Dec. – Threat Trend Report on Kimsuky Group

Jan 04 2024

Overview

The Kimsuky group’s activities in December 2023 showed an overall decrease in comparison to November, but phishing (ETC) domains increased by almost threefold with all the others showing a slight decrease.

Attack Statistics

Compared to November, the number of fully qualified domain names (FQDNs) decreased slightly to 39, out of which phishing (ETC) domains were the most detected with 29 in total. Besides that, 1 FlowerPower, 2 RandomQuery, and 7 AppleSeed instances were found.

Figure 1. FQDN statistics by attack type in the last 3 months (Unit: each)

MD5

02843206001cd952472abf5ae2b981b2

0cce02d2d835a996ad5dfc0406b44b01

153383634ee35b7db6ab59cde68bf526

1f9ed5bffd1e3060366546ff8952861d

32519b46b55792084240f850e0c94298

FQDN

20kgjdow[.]atwebpages[.]com

api[.]dong-won[.]r-e[.]kr

doma2[.]o-r[.]kr

edoc[.]p-e[.]kr

fethty[.]sportsontheweb[.]net

38[.]110[.]1[.]69

2023 Dec. – Threat Trend Report on Kimsuky Group

Overview

Attack Statistics

2023 Dec. – Threat Trend Report on Ransomware Statistics and Major Issues

Threat Trend Report on Deep Web & Dark Web – Ransomware Groups & Cybercrime Forums and Markets of December 2023

Overview

Attack Statistics

Tags:

2023 Dec. – Threat Trend Report on Ransomware Statistics and Major Issues

Threat Trend Report on Deep Web & Dark Web – Ransomware Groups & Cybercrime Forums and Markets of December 2023