Kimsuky targets South Korean entities with phishing campaign

Threat Level – Amber | Vulnerability Report
Download PDF

As of 2010, Kimsuky has targeted the governments, think tanks, media, and education entities of the United States and South Korea. Early in 2022, a new attack cluster GoldDragon was observed targeting media and a South Korean think-tank. As part of its new cluster, the actor sends spear-phishing emails with macro-embedded Word documents.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox