Targeting of experts in North Korea policy issues

Date of report

April 2023

Affiliations

Kimsuky

In a recent phishing campaign, North Korean threat actor Kimsuky posed as media outlets and think tanks and requested interviews or information about North Korea. The emails contained malicious links redirecting to fake login pages that harvested user credentials.

Suspected victims

Government and military personnel, think tanks, policymakers, academics, and researchers in South Korea and the United States

Suspected state sponsor

Korea (Democratic People's Republic of)

Type of incident

Espionage

Target category

Government
Civil society
Private sector

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

How we’re protecting users from government-backed attacks from North Korea
Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events