- Source: Kimsuky
Kimsuky (also known as Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet) is a North Korean state-backed hacker group and advanced persistent threat that targets South Korean think tanks, industry, nuclear power operators, and the South Korean Ministry of Unification for espionage purposes. In recent years Kimsuky has expanded its operations to target states such as Russia, the United States, and European nations.
History
According to the U.S. Cybersecurity and Infrastructure Security Agency Kimsuky has likely been active since 2012.
In March 2015 it was reported that South Korea claimed Kimsuky stole data from Korea Hydro & Nuclear Power.
In August 2019 it was reported that Kimsuky was targeting retired South Korean diplomats, government, and military officials, in an attack called "the first of its kind."
In September 2020 it was reported that Kimsuky attempted to hack 11 officials of the United Nations Security Council.
A lawmaker from the People Power Party reported that, in May 2021, Kimsuky was detected within the internal networks of the Korea Atomic Energy Research Institute.
See also
Lazarus Group
Ricochet Chollima