North Korea-linked hackers pose as human rights activists, report says - UPI.com

SEOUL, Jan. 19 (UPI) -- North Korea-linked hackers are using emails that impersonate human rights organizations and financial institutions to lure targets into opening malicious files, according to a threat intelligence report released Monday by South Korean cybersecurity firm Genians.

The campaign, dubbed "Operation Poseidon," has been attributed to the Konni hacking cluster, a group linked by security researchers to Pyongyang-backed cyber operations and known for conducting long-running advanced persistent threat, or APT, campaigns.

"The threat actor was identified as repeatedly employing social engineering tactics by impersonating North Korean human rights organizations and financial institutions in South Korea," the Genians Security Center report said.

Genians said Konni has overlapping targets and infrastructure with other North Korea-linked threat groups, including Kimsuky and APT37, which have been tied to cyber espionage, surveillance and influence operations targeting South Korean government agencies, researchers and civil society groups.

North Korea-linked hackers pose as human rights activists, report says - UPI.com

Related reading

North Korea hackers used KakaoTalk in spear-phishing campaign, report says -…

North Korean hackers tied to $290M crypto heist, firm says - UPI.com

Six signs North Korea has embedded agents in your company—and what to do about…

North Korean hackers used ChatGPT to help forge deepfake ID | Fortune

Fireblocks CEO says North Korea-linked job recruitment scam targeted LinkedIn…

North Korean operative reveals the inner workings of the IT scam infiltrating…