Critical Infrastructure Security, Threat Intelligence

Feds warn of new Kimsuky phishing attack techniques

North Korea flag is depicted on the screen with the program code. The concept of modern technology and site development

The U.S. State Department, National Security Agency, and the FBI have issued a joint advisory warning organizations across the country, especially educational entities, non-profits, and think tanks, regarding the increasingly advanced phishing techniques leveraged by North Korean state-backed hacking group Kimsuky, also known as APT43, Emerald Sleet, and Velvet Chollima, Nextgov reports.

Improper configuration of the Domain-based Message Authentication, Reporting and Conformance, or DMARC, protocol has been exploited by Kimsuky to facilitate the compromise of organizations' email domains and impersonate legitimate users, said the joint advisory. Organizations have been urged to defend against such intrusions by implementing DMARC policy changes, including configuration re-coding to restrict certain messages, on top of carefully examining incoming emails.

Such an advisory comes months after Kimsuky and other North Korean operatives were sanctioned by the U.S. Treasury Department for their involvement in cyberattacks aimed at gathering intelligence to support the interests of North Korea.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.