

SentinelLabs’ analysis comes days after the U.S.
Kimsuky was also observed sending legitimate Google Docs links and Word documents that were free of malware in order to develop a rapport with their targets before initiating their malicious activities.

Gaining access to users’ NK News credentials would provide the North Korean hackers with “valuable insights into how the international community assesses and interprets developments related to North Korea, contributing to their broader strategic intelligence-gathering initiatives,” wrote Aleksandar Milenkoski, a senior threat researcher at SentinelLabs.

In another attack observed by SentinelLabs, Kimsuky distributed an email that asked subscribers to log in to a spoofed NK News subscription service. In some cases, the Kimsuky hackers also delivered a weaponized Microsoft Office document that executes the ReconShark malware, which is capable of exfiltrating information such as which detection mechanisms are in use on a device and details about the device itself.

SentinelLabs observed Kimsuky impersonating Chad O’Carroll, the founder of NK News, to deliver a spoofed Google Docs web link to NK News subscribers, which redirected to a malicious website specifically crafted to capture a victim’s Google credentials.

Kimsuky’s latest social engineering campaign targeted subscribers of NK News, an American subscription-based website that provides stories and analysis about North Korea. The group, also known as APT43, Thallium and Black Banshee, has been operating since at least 2012 and is known for using social engineering and targeted phishing emails to gather sensitive information on behalf of the North Korean regime.

SentinelLabs researchers said on Tuesday that they had linked a social engineering campaign targeting experts in North Korean affairs to a North Korean advanced persistent threat (APT) group known as Kimsuky.
Security researchers have warned that North Korean government-backed hackers are impersonating journalists to gather strategic intelligence to help guide the country’s decision making.
