Through blogs posts, Hackers from North Korea targeted South Korean think tanks.

ByShehryar Makhdoom | Published date:

The Kimsuky threat organization has been blamed for the resumption of attacks. Infectious blog posts from a North Korean hacker organization have been targeting South Korean think institutions.

The state-sponsored advanced persistent threat (APT) organization has been trying to place monitoring and theft-based malware on victim computers since June 2021.

Cybercriminals are using malicious Blogspot content to lure "South Korean think tanks that specialize on political, diplomatic, and military matters relevant to North Korea, China, Russia, and the United States," according to Cisco Talos researchers on Wednesday.

The APT appears to have a particular interest in geopolitical and aeronautical organizations.

When did Kimsuky first start posting? "Global intelligence gathering" is what the APT is entrusted with by North Korea, according to an alert given by the US Cybersecurity and Infrastructure Security Agency (CISA) in 2020. South Korea, Japan, and the United States have all had victims of this crime.