all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign

Add to bookmarks
May 4, 2023, 2:02 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By Tom Hegel and Aleksandar Milenkoski


Executive Summary



  • SentinelLabs has observed ongoing attacks from Kimsuky, a North Korean state-sponsored APT that has a long history of targeting organizations across Asia, North America, and Europe.

  • Ongoing campaigns use a new malware component we call ReconShark, which is actively delivered to specifically targeted individuals through spear-phishing emails, OneDrive links leading to document downloads, and the execution of malicious macros.

  • ReconShark functions as a reconnaissance tool with unique execution instructions and server communication …

america apt asia attacks call campaign campaigns capabilities europe executive global history kimsuky malware malware analysis north north america north korean organizations reconnaissance reconshark sentinellabs sponsored state targeting tom hegel

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Triaging Files on VirusTotal 3 hours ago | malware.news
malware analysis topic
Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland... - SWN #379 15 hours ago | malware.news
article frontier kubernetes lastpass +4
5.3M World-Check records may be leaked; how to check your records 15 hours ago | malware.news
access article check claim +11
More on the PAN-OS CVE-2024-3400 16 hours ago | malware.news
alto april customer cve +29
LabHost Phishing Platform is Latest Target of International Law Agencies 16 hours ago | malware.news
as-a-service countries cybercriminal disrupt +19
Active adversary report: Ransomware hit a ceiling, but security teams at risk for more pain 17 hours ago | malware.news
active adversary adversary article attacks +8
The CVE's They are A-Changing!, (Wed, Apr 17th) 17 hours ago | malware.news
changing cve downloads feed +7
Akira takes in $42 million in ransom payments, now targets Linux servers 18 hours ago | malware.news
akira article critical functions +12
How to Determine Causal Effects when A/B Tests are Infeasible through Adopter Analysis 19 hours ago | malware.news
analysis article blog global +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Staff DFIR Investigator

@ SentinelOne | United States - Remote
View on infosec-jobs.com

Senior Consultant.e (H/F) - Product & Industrial Cybersecurity

@ Wavestone | Puteaux, France
View on infosec-jobs.com

Information Security Analyst

@ StarCompliance | York, United Kingdom, Hybrid
View on infosec-jobs.com

Senior Cyber Security Analyst (IAM)

@ New York Power Authority | White Plains, US
View on infosec-jobs.com
View more jobs