Targeting of experts in North Korea policy issues
Date of report
  • April 2023
In a recent phishing campaign, North Korean threat actor Kimsuky posed as media outlets and think tanks and requested interviews or information about North Korea. The emails contained malicious links redirecting to fake login pages that harvested user credentials.
Suspected victims
  • Government and military personnel, think tanks, policymakers, academics, and researchers in South Korea and the United States
Suspected state sponsor
  • Korea (Democratic People's Republic of)
Type of incident
  • Espionage
Target category
  • Government
  • Civil society
  • Private sector
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response