An official website of the United States government

U.S. and ROK Agencies Cybersecurity Alert: The DPRK Social EngineeringCampaigns Targeting Think Tanks and
June 1, 2023

Office of the Spokesperson

Today the U.S. Department of State, the Federal Bureau of Investigation, and the National Security Agency together with partners from the Republic of Korea Ministry of Foreign Affairs, National Police Agency, and National Intelligence Service are releasing a Cybersecurity Advisory on social engineering and hacking threats posed by the DPRK cyber group known as Kimsuky. This Advisory is collaborative effort between our two governments and a concrete outcome of the U.S.-ROK Working Group on DPRK Cyber Threats.

Kimsuky, a set of DPRK cyber actors, conducts large-scale social engineering campaigns in which victims at think tanks, academic institutions, and news outlets are manipulated and compromised for the purpose of intelligence gathering.

This joint Cybersecurity Advisory provides detailed information on how Kimsuky actors operate, warning signs of spearphishing campaigns, and mitigation measures that can be implemented to enhance network security against Kimsuky operations.

If you believe you’ve been targeted by a DPRK spearphishing campaign by Kimsuky actors, please report the incident to www.ic3.gov  and reference #KimsukyCSA in the description.