Analysis of Kimsuky Group's AppleSeed Malware Attack Trends [Wednesday, December 27, 2023]


Description:
The Kimsuky threat group, which is said to be backed by North Korea, has been active since 2013. Initial attacks on South Korea's North Korea-related research institutes have been confirmed, followed by attacks on South Korea's energy institutions in 2014 and attacks on other countries outside of South Korea since 2017. Spear phishing attacks are primarily aimed at stealing information and technology from organizations in the national defense, defense industry, media, diplomacy, state institutions, and academia.

Published: 2023-12-27 16:52:37
Created: 2023-12-27 16:52:37
Modified: 2023-12-27 17:08:21

Indicators


About the author
Julien B.

Securitricks
