Date of report
- Aug 2019
Affiliations
A threat actor targeted a number of foreign ministries, a Chinese technology company, Stanford University, think tanks in the United States and the United Kingdom, and other entities that have focused on North Korea’s nuclear efforts or the related international sanctions. The threat actor created a network of malicious websites imitating the login portals of targets. This incident is believed to be an extension of the 2018 BabyShark campaign.
Suspected victims
- French Ministry for Europe and European Affairs, Ministry of Foreign and European Affairs of the Slovak Republic, Stanford University, Sina, Foreign ministry of the South African government
Suspected state sponsor
- Korea (Democratic People's Republic of)
Target category
- Government
- Private sector