Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign
released on 2023-05-05 @ 08:09:57 AM
Kimsuky is a North Korean advanced persistent threat (APT) group with a long history of targeted attacks across the world. Current understanding of the group indicates they are primarily assigned to intelligence collection and espionage operations in support of the North Korean government since at least 2012. In 2018 the group was observed deploying a malware family dubbed BabyShark, and SentinelLabs latest observations indicate the group has evolved the malware with an expanded reconnaissance capability, they refer to this BabyShark component as ReconShark.