The Evolution of DEEP#GOSU Attack Campaign by Kimsuky Group

Threat Level – Amber | Vulnerability Report
Download PDF

A sophisticated multi-stage attack campaign linked to the North Korean Kimsuky group, dubbed DEEP#GOSU. Using PowerShell and VBScript, the attackers leverage remote access trojan (RAT) software for full control over infected hosts, while employing legitimate services like Dropbox for command and control communication to evade detection.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox