Similar AhnLab Response Cases Regarding Korea-US Joint Cyber Security Advice

On June 2nd, the Korean NIS (National Intelligence Service), NPA (National Police Agency), and MOFA (Ministry of Foreign Affairs) released a joint security advisory regarding the spear phishing attacks of North Korea’s Kimsuky group with the US FBI (Federal Bureau of Investigation), DoS (Department of State), and NSA (National Security Agency). The government agencies stated that the act was done to raise awareness of members of global think tanks, academic institutions, and media companies on CNE (Computer Network Exploitation) using social engineering, adding that the group usually impersonates reporters, scholars, or individuals with connections to groups handling North Korea-related policies to launch spear phishing attacks by email.

Title: North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media
Security Advisory: National Security Agency (NSA) Link

While the IOCs have not been released, AhnLab Security Emergency response Center (ASEC) had published articles in the past about social engineering methods employed by the Kimsuky hacking group similar to the published details.

[ASEC Blog URLs]

Uploaded Date
Post Title
Link

May 18, 2023
Kimsuky’s Attack Attempts Disguised as Press Releases of Various Topics
Link

May 16, 2023
Kimsuky Group’s Phishing Attacks Targeting North Korea-Related Personnel
Link

Mar. 23, 2023
Kimsuky Group Distributes Malware Disguised as Profile Template (GitHub)
Link

Mar. 8, 2023
CHM Malware Disguised as North Korea-related Questionnaire (Kimsuky)
Link

Nov. 16, 2022
Malicious Word Document Being Distributed in Disguise of a News Survey
Link

Aug. 19, 2022
Malicious Word Files Targeting Specific Individuals Related to North Korea
Link

July 26, 2022
Word File Provided as External Link When Replying to Attacker’s Email (Kimsuky)
Link

Apr. 27, 2022
Word Files Related to Diplomacy and National Defense Being Distributed
Link

Subscribe to AhnLab’s next-generation threat intelligence platform ‘AhnLab TIP’ to check related IOC and detailed analysis information.

The post Similar AhnLab Response Cases Regarding Korea-US Joint Cyber Security Advice appeared first on ASEC BLOG.

Article Link: Similar AhnLab Response Cases Regarding Korea-US Joint Cyber Security Advice – ASEC BLOG

1 post – 1 participant

Read full topic

About The Author

See author's posts