Analyzing threat actor Kimsuky email phishing campaign
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
The report provides an in-depth analysis of the email phishing campaigns conducted by the Kimsuky threat actor group. It highlights their tactics of using diverse themes and subjects to pique the curiosity of recipients, targeting researchers and individuals related to North Korean affairs in an attempt to hijack accounts over several years. The report reveals how the group changes their attack staging servers from Japan to Russia to evade detection, employs malwareless attack strategies using finance-related lures, and underscores the need for proactive security measures against known phishing IP addresses using EDR products.
OPENCTI LABELS :
phishing,north korea,credential theft,impersonation,malwareless
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Analyzing threat actor Kimsuky email phishing campaign