APT Group Kimsuky Targets University Researchers
Aug. 9, 2024, 12:09 p.m.
Tags
External References
Description
A report detailing an ongoing cyberattack campaign by the North Korean APT group Kimsuky, which is targeting university staff, researchers, and professors to conduct espionage and gather intelligence for the North Korean government. The group employs phishing tactics, compromised infrastructure, and customized phishing tools to steal login credentials and gain access to university networks, enabling them to pilfer research and sensitive data.
Date
Published: Aug. 9, 2024, 11:40 a.m.
Created: Aug. 9, 2024, 11:40 a.m.
Modified: Aug. 9, 2024, 12:09 p.m.
Indicators
http://penlu.or.kr/data/view.xn--php-9o0a
nsmnop99@gmail.com
nolpoaw@daum.net
nkodfgl@gmail.com
nmakope@daum.net
nboipw@daum.net
nasaioy0@gmail.com
nasndaoop@gmail.com
naokilw@daum.net
nanmskeo@gmail.com
nahoiu95@gmail.com
nabsoiu@daum.net
aaa@naver.com
no-reply@sisileae.com
en.asaninst.org
wodos.online
wodods.xyz
sorsi.online
simos.online
osihi.store
penlu.or.kr
nusiu.live
dorray.site
audko.store
Attack Patterns
Kimsuky
T1588
T1598
T1082
T1057
T1102
T1192
T1027
T1053
T1056
T1566
T1078
T1003
T1059
Additional Informations
Education
Government
United Kingdom of Great Britain and Northern Ireland
United States of America