A unique difference with the past cases was discovered during the analysis of the Kimsuky group’s spear phishing URLs. Until now, the group used Fully Qualified Domain Names (FQDN) disguised as famous Korean web portals. An analysis of the URLs collected during the past two months revealed multiple new FQDNs including keywords related to certain Korean banks, instead of the past FQDNs disguised as web portals.
Unique characteristics of Kimsuky group’s spear phishing emails
The post Unique characteristics of Kimsuky group’s spear phishing emails appeared first on ASEC BLOG.
Article Link: Unique characteristics of Kimsuky group's spear phishing emails - ASEC BLOG