Hackers
The United States Department of State issued an alert last Thursday regarding the activity of the North Korean hacker group known as ‘Kimsuky’. This group is linked to the military intelligence of Pyongyang (North Korea) and has adopted a new tactic to enhance its social engineering and hacking actions.
The alert emphasizes North Korea’s exploitation of misconfigured DNS domain-based authentication, notification, and compliance registration policies.
This allows North Korea to impersonate legitimate email sender domains to more effectively conceal spear-phishing attempts, a technique used to target specific individuals or groups within an organization and trick them into disclosing confidential information, downloading malware, or unknowingly sending payments to the attacker.
The group’s modus operandi involves posing as journalists, scholars, or experts on East Asian affairs, and their main targets are think tanks, academic institutions, media, and NGOs.
Their goal is to collect information that may affect North Korea’s interests by accessing private documents, research, and communications of their targets.
This is not the first time Washington has warned about the activity of North Korean hacker groups. There have been numerous reports of their efforts to gather intelligence information from both the United States and South Korea, as well as other countries they consider a political, military, or economic threat.
