Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads

Published 27/03/2025 21:47 · Modified 27/03/2025 21:54

Essential information

Tags
2025-03-27 64677cae14a2ec4d393a81548417b61b apt group black banshee c2 command chrome edge file firefox kimsuky naver whale rats zip file
Related entities
1 intrusion sets (apt), 11 techniques (mitre), 1 malware, 3 others

Description

Kimsuky, also known as “Black Banshee,” a North Korean APT group active since at least 2012, is believed to be state-sponsored. Its cyber espionage targets countries such as South Korea, Japan, and the U.S. Its tactics include phishing, malware infections (RATs, backdoors, wiper malware), supply chain attacks, lateral movement within networks and data exfiltration.

External references