Kimsuky
North Korean APT group focused on intelligence gathering, targeting South Korean government, think tanks, and nuclear energy organizations.
Also known as: kimsuky, velvet chollima, emerald sleet, thallium, black banshee, krypton, baby shark
AI Intelligence Brief cached
Edit Profile
Entity Relationships
Related YARA Rules View all on YARA Rules page →
90-Day Activity
All Articles (5)
Last 90 Days
All Time
North Korean hackers Kimsuky target South Korea with new malware variants
Kimsuky, also known as Velvet Chollima, utilized spoofed security software installation pages and fake Webex meeting invitations to deliver malware.
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Kore...
Kimsuky Uses LNK, JSE Lures to Target Recruiters, Crypto Users, Defense Officials
Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials. North Korea-linked threat group Kimsuky has launched at leas...
Kimsuky targets organizations with PebbleDash-based tools
Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware clu...