Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Kimsuky Adopts Malwareless Phishing Tactics

December 2, 2024
Reading Time: 2 mins read
in Alerts
Kimsuky Adopts Malwareless Phishing Tactics

The North Korean hacking group Kimsuky has evolved its cyberattacks by employing malwareless phishing techniques that bypass endpoint detection and response (EDR) systems. These campaigns target researchers and organizations with a focus on North Korea, utilizing convincing emails to deceive victims into providing sensitive information. By avoiding traditional malware, these phishing attempts are more challenging for conventional security tools to detect, increasing their success rate.

A significant change in Kimsuky’s operations involves the shift from Japanese email services to Russian domains for phishing campaigns. This transition has added another layer of complexity, as the use of Russian email providers makes it harder for recipients to identify fraudulent communications. Additionally, the group leverages free domain registration services like “MyDomain[.]Korea” to craft phishing sites that appear legitimate and trustworthy to unsuspecting victims.

The group’s phishing emails frequently impersonate public institutions, financial organizations, and email security managers, often incorporating financial themes to lure victims into interaction. Researchers identified multiple indicators of compromise (IoCs), including domains and IP addresses linked to the campaign. Notable domains include “National Secretary[.]Korea” and “Payment Due Date-Notice[.]Online,” which were used to build a false sense of credibility in their fraudulent schemes.

Cybersecurity experts emphasize the importance of heightened awareness and proactive measures to combat these threats. Organizations are advised to scrutinize email addresses carefully, implement robust security protocols, and update their threat intelligence to stay ahead of evolving tactics. As Kimsuky continues to refine its approach, vigilance remains essential to protecting sensitive information and maintaining cyber resilience against increasingly sophisticated phishing campaigns.

Reference:

  • Kimsuky Employs New Malwareless Phishing Techniques to Evade Detection
Tags: APT43Cyber AlertsCyber Alerts 2024Cyber threatsDecember 2024EDRkimsukyNorth KoreaPhishing
ADVERTISEMENT

Related Posts

FreeDrain Phishing Steals Crypto Funds

FBI Warns Cybercriminals Exploit Routers

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

X Scam Targets Crypto Users with Fake Ads

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

FreeDrain Phishing Steals Crypto Funds

May 9, 2025
COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial