JAKARTA - Kimsuky's active cyber espionage campaign continues to show prolific updates to its tools and tactics as it targets entities related to North Korea.
Seongsu Park, Lead Security Researcher for the Global Research and Analysis Team (GReAT) at Kaspersky, discovered that Kimsuky continuously configures multi-stage command and control (C2) servers with various commercial hosting services located around the world.
Command and control (C2) servers are servers that help threat actors control their malware and send malicious commands to their members, manage spyware, deliver payloads, and more.
Park also said that Kimsuky now has 603 malicious command centers, with more attacks likely to reach beyond the Korean peninsula.
To protect systems and networks from Kimsuky's clandestine tactics and techniques, Kaspersky experts suggest:
Full context-based defense is key
Cooperation with other industries