Targeting of analysts of North Korean affairs
Date of report
  • June 2023
Kimsuky used social engineering techniques to deploy ReconShark malware against former South Korean government officials and researchers focused on North Korean affairs. The group focused on expanding access to affected systems and stealing subscriptions to the North Korea-focused news website NKNews.
Suspected victims
  • Researchers focused on North Korean affairs
Suspected state sponsor
  • Korea (Democratic People's Republic of)
Type of incident
  • Espionage
Target category
  • Civil society
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response