Kimsuky
MITRE G0144
Also known as Velvet Chollima, APT43, Ruby Sleet, Black Banshee, Sparkling Pisces, Springtail, Cerium
Reports
4
First seen
Nov 6
Last seen
May 29
Motivation
espionage, espionage and geopolitical objectives
Targeting
Sectors
government ×2
Victim regions
South Korea ×2
Top ATT&CK techniques
T1041 Exfiltration Over C2 Channel ×3
T1566 Phishing ×3
T1219 Remote Access Software ×2
T1561 Disk Wipe ×2
T1557 Adversary-in-the-Middle ×2
T1486 Data Encrypted for Impact ×2
T1190 Exploit Public-Facing Application ×2
T1078 Valid Accounts ×1
T1113 Screen Capture ×1
T1543 Create or Modify System Process ×1
T1110 Brute Force ×1
T1021 Remote Services ×1
Indicators
filename ×22
hash_md5 ×19
domain ×17
url ×8
hash_sha1 ×2
registry_key ×1
Indicator values are available on Pro and via the API.
Recent reports
High