Analysis of the Triple Combo Threat of the Kimsuky Group

NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:

The Genians Security Center (GSC) detected an APT (Advanced Persistent Threat) campaign targeting users of Facebook, email, and Telegram in Korea between March and April 2025. The threat actor carried out reconnaissance and selected attack targets through two Facebook accounts.

OPENCTI LABELS:

apt, powershell, shell, facebook, execution, telegram, kimsuky, babyshark, dll file, appleseed, linkedin, vmprotect, username, kimsuky group, flowerpower, golddragon

