Kimsuky Targets South Korean Academia
1. Kimsuky uses TRANSLATEXT, a malicious Chrome extension, to steal sensitive information.
2. The campaign targets South Korean academia, focusing on North Korean political affairs.
3. TRANSLATEXT gathers emails, usernames, passwords, cookies, and browser screenshots.
4. The attack begins with a ZIP file containing a document and an executable.
5. Kimsuky employs spear-phishing and social engineering to activate the infection chain.
#kimsuky
#translatext
#cyberespionage
#southkorea
#chromeextension
#zscaler
#cybersecurity
#northkorea
#malware
#datatheft
#hacking
#apt43
#reconnaissance
#politicalaffairs
#cyberthreat
#sensitiveinformation
#browsersecurity
#spearphishing
#socialengineering
#espionagetool
#academictargets
#intelligencecollection
#threatactor
#googlechrome
#browserextension
#securityflaw
#microsoftoffice
#keylogger
#powershell
#github
#cyberdefense
