Kimsuky, a DPRK cyber group, conducts large-scale social engineering campaigns targeting think tanks, academic institutions, and news outlets for intelligence gathering
The joint Cybersecurity Advisory provides detailed information on Kimsuky's operations, warning signs of spearphishing, and network security measures against their attacks
If you suspect being targeted by a DPRK spearphishing campaign by Kimsuky, report the incident to ic3.gov with reference to "#KimsukyCSA
DPRK cyber actors impersonate trusted sources to collect sensitive information from targets in think tanks, academia, and media sectors
The NSA partners with organizations to release the Cybersecurity Advisory, raising awareness about North Korea's social engineering and hacking methods
The advisory highlights sustained information gathering efforts by Kimsuky, THALLIUM, or VELVETCHOLLIMA, known DPRK cyber actors
Kimsuky's successful compromises enable them to craft more credible spearphishing emails, targeting sensitive, high-value entities