The U.S. Government has warned against a new tactic the North Korean cyber group known as Kimsuky is deploying to enhance its social engineering and hacking efforts targeting think tanks, academic institutions, non-profit organizations, and members of the media.
A Cybersecurity Advisory issued by the Department of State, the Federal Bureau of Investigation, and the National Security Agency says Pyongyang’s exploitation of improperly configured DNS Domain-based Message Authentication, Reporting, and Conformance (DMARC) record policies allows the authoritarian regime to spoof legitimate email sender domains in order to conceal spearphishing attempts more effectively.
Kimsuky, a cyber group within the North Korean military intelligence organization, the Reconnaissance General Bureau, conducts large-scale social engineering campaigns to manipulate and compromise victims for the purpose of intelligence gathering, the State Department said.
This joint Cybersecurity Advisory provides detailed information on how Kimsuky actors operate, warning signs of spearphishing campaigns, and mitigation measures to enhance network security and DMARC policies to protect against Kimsuky operations.
Copyright © 2024, RTTNews.com, Inc. All Rights Reserved.
