← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Warning on KIMSUKY1 Cyber Actor's Recent Cyber Campaigns against Google's Browser and App Store Services
WHITE Kimsuky AlienVault 2023-03-24 Modified: 2023-04-23
16
IOCs
MEDIUM VOLUME
The German Bundesamt für Verfassungsschutz (BfV) and the National Intelligence Service of the Republic of Korea (NIS) issue the following Joint Cyber Security Advisory to raise awareness of KIMSUKY’s (a.k.a. Thallium, Velvet Chollima, etc.) cyber campaigns against Google's browser and app store services targeting experts on the Korean Peninsula and North Korea issues.
KimsukyGoogle Chromespear phishingGoogle Browser Devtools API
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (6 / 16 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 hostname domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 012d5ffe697e33d81b9e7447f4aa338b 2023-03-24
FileHash-MD5 04bb7e1a0b4f830ed7d1377a394bc717 2023-03-24
FileHash-MD5 3458daa0dffdc3fbb5c931f25d7a1ec0 2023-03-24
FileHash-MD5 51527624e7921a8157f820eb0ca78e29 2023-03-24
FileHash-MD5 582a033da897c967faade386ac30f604 2023-03-24
FileHash-MD5 89f97e1d68e274b03bc40f6e06e2ba9a 2023-03-24
References (1)
↗ https://www.verfassungsschutz.de/SharedDocs/publikationen/EN/prevention/2023-03-20-joint-cyber-security-advisory.pdf;jsessionid=C932136E2B1078A87C5D02616A769AEB.intranet672?__blob=publicationFile&v=2