lazarusholic · Nov 10, 2025 · 1:30 PM UTC

lazarusholic

Andre Gironda retweeted

lazarusholic @lazarusholic

"건강검진 안내 문서로 위장한 악성코드" published by @logpresso. #Kimsuky, #DPRK, #CTI logpresso.com/en/blog/2025-1…

lazarusholic · Nov 9, 2025 · 11:30 PM UTC

Andre Gironda retweeted

lazarusholic @lazarusholic

19h

"ESET APT Activity Report Q2 2025–Q3 2025" published by @ESETresearch. #APTDown, #DeceptiveDevelopment, #Lazarus, #Trend, #Kimsuky, #Konni, #DPRK, #CTI welivesecurity.com/en/eset-r…

Gray Hats · Nov 10, 2025 · 1:32 AM UTC

Securityblog retweeted

Gray Hats @the_yellow_fall

17h

Kimsuky APT is using a Themes.js JavaScript loader and certutil LOLBIN to gain minute-by-minute persistence via a Windows Scheduled Task. The APT is targeting think tanks for espionage. #Kimsuky #APT #Cyberespionage #ScheduledTask securityonline.info/kimsuky-…

blackorbird · Nov 3, 2025 · 2:50 AM UTC

Lexi👾 retweeted

blackorbird

@blackorbird

Nov 3

#kimsuky Malware HttpTroy #lazarus BLINDINGCAN remote access tool upgraded version gendigital.com/blog/insights…

Cybersecurity News Everyday · Nov 10, 2025 · 2:55 AM UTC

Cybersecurity News Everyday @TweetThreatNews

15h

Kimsuky’s Themes.js dropper downloads additional JavaScript from iuh234.medianewsonline, collects system data, packages results into .cab files with certutil, and exfiltrates via POST, establishing persistence with a scheduled task. #Kimsuky #MalwareAnal… ift.tt/AdbnzXw

Autumn Good · Nov 10, 2025 · 2:17 AM UTC

Autumn Good @autumn_good_35

16h

『한국 내 탈북 청소년 전문 심리상담사의 카카오톡 계정을 탈취·악용하여 실제 탈북민 학생에게 '스트레스 해소 프로그램'으로 위장한 악성파일을 전송한 사실이 확인되었습니다』🧐 #Kimsuky #Konni 국가 배후 위협 조직의 안드로이드 디바이스 대상 원격 초기화 전술 genians.co.kr/blog/threat_in…

lazarusholic · Nov 6, 2025 · 1:30 PM UTC

Gaston LaGaffe retweeted

lazarusholic @lazarusholic

Nov 6

"Dissecting the Infection Chain: Technical Analysis of the Kimsuky JavaScript Dropper" published by @pulsedive. #Kimsuky, #DPRK, #CTI blog.pulsedive.com/dissectin…

Yogesh Londhe · Sep 1, 2025 · 10:43 AM UTC

Andre Gironda retweeted

Yogesh Londhe @suyog41

Sep 1

Kimsuky Приглашение[Касат. 80-летия Августовской революции 1945 г. и Дня Независимости].lnk Invitation[Casat. 80th Anniversary of the August Revolution of 1945 and Independence Day].lnk 6d18166da354efacd541bcac622a6e43 C2 medianewsonline[.]com #Kimsuky #APT #IOC

SecAI @SecAI_AI

8 Nov 2024

New #IOC of #C2, #Kimsuky #APT: treffic[.]medianewsonline[.]com secai.ai/research/treffic.me… #CyberThreat #CyberSecurity #OSINT

lazarusholic · Nov 7, 2025 · 1:30 PM UTC

Andre Gironda retweeted

lazarusholic @lazarusholic

Nov 7

"One person and four entities listed under the Autonomous Sanctions Regulations 2011 – Democratic People’s Republic of Korea" published by AUDFAT. #Andariel, #Kimsuky, #Lazarus, #Sanctions, #DPRK, #CTI dfat.gov.au/news/news/one-pe…

Emmy Byrne · Nov 6, 2025 · 12:18 PM UTC

SeongKyu, Park retweeted

Emmy Byrne @byrne_emmy12099

Nov 6

1740489988221-19.jse 5178c640e7694464b73155e0a0fc2493041c48397f3d4e705b79669bced397db #APT #Kimsuky

Sakai · Nov 6, 2025 · 1:51 PM UTC

Moonbeom(Daniel) retweeted

Sakai

@sakaijjang

Nov 6

김수키(Kimsuky) 행정안전부 사칭 이메일 분석(2025.10.9) wezard4u.tistory.com/429639 #김수키 #Kimsuky

lazarusholic · Nov 6, 2025 · 1:30 PM UTC

Securityblog retweeted

lazarusholic @lazarusholic

Nov 6

"New Kimsuky Malware “EndClient RAT”: First Technical Report and IOCs" published by @0x0v1. #EndClientRAT, #Kimsuky, #DPRK, #CTI 0x0v1.com/endclientrat/

Jerry Han. · Nov 7, 2025 · 12:43 AM UTC

CHA Minseok(Jacky) retweeted

Jerry Han. @seunghoonhan

Nov 7

Analysis of an Attack Disguised as a Document from the Korean Government’s National Health Care Service logpresso.com/ko/blog/2025-1… #apt #kimsuky @500mk500