Tag: Kimsuky

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
News

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

As part of a continuing intelligence gathering operation, the use of a new malicious Google Chrome extension that is intended to steal sensitive information has been connected to the North Korea-affiliated threat actor known as Kimsuky. After noticing the activity in early March 2024, Zscaler ThreatLabz nicknamed the extension TRANSLATEXT, emphasizing its capacity to collect cookies, browser screenshots, email addresses, usernames, and passwords. It is claimed that the targeted effort was launched against academics in South Korea who specialize in North Korean political issues. Kimsuky is a well-known North Korean hacker group that has been operating since at least 2012. They plan financially driven attacks and cyberespionage against South Korean organizations read more about Kim...
Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks
News

Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks

A social engineering campaign that targeted experts in North Korean issues with the intention of collecting Google credentials and distributing reconnaissance malware has been traced to the North Korean nation-state threat actor known as Kimsuky. Further, Kimsuky's goal includes stealing NK News subscription information, according to a report from the cybersecurity company SentinelOne that was provided with The Hacker News. "To accomplish this, the organisation sends out emails that persuade recipients to sign up for the malicious website nknews[.]pro, which poses as the legitimate NK News website read more Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recen...