Targeting of analysts of North Korean affairs

Date of report

June 2023

Affiliations

Kimsuky

Kimsuky used social engineering techniques to deploy ReconShark malware against former South Korean government officials and researchers focused on North Korean affairs. The group focused on expanding access to affected systems and stealing subscriptions to the North Korea-focused news website NKNews.

Suspected victims

Researchers focused on North Korean affairs

Suspected state sponsor

Korea (Democratic People's Republic of)

Type of incident

Espionage

Target category

Civil society

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events