News media organizations, academic entities, and think tanks have been warned by U.S. and South Korean intelligence agencies regarding the cyberespionage attacks by North Korean state-sponsored hacking operation Kimsuky, also known as TA406 and Thallium, reports The Record, a news site by cybersecurity firm Recorded Future.
Kimsuky has been leveraging open-source information to identify the targets for its spearphishing attacks, which involve attackers masquerading as academics, journalists, and think tank researchers to secure access to private research, documents, and communications that are being used by North Korea in building its intelligence efforts, according to the joint advisory.
Organizations and individuals impacted by Kimsuky have been urged by the U.S. government to provide information regarding the hackers.
Moreover, Kimsuky members have been given new sanctions by South Korea for their alleged participation in the recent spy satellite launch conducted by North Korea. Other countries' criticism regarding the launch has been disregarded by North Korea.