The North Korean threat actor Kimsuky used spear-phishing techniques to masquerade as websites and applications to get victims to input their credentials. The victims included a security officer at the International Atomic Energy Agency.
- The International Atomic Energy Agency and Korea Aerospace Industries, a South Korean defense contractor
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
Victim government reaction