Phishing, Threat Intelligence

Diehl Defence reportedly attacked by Kimsuky APT

Computer keyboard, close-up button of the flag of North Korea.

German defense systems manufacturer Diehl Defense was reported to have been compromised in a sophisticated spear-phishing attack by North Korean state-backed advanced persistent threat operation KimsukySecurityWeek reports.

After conducting comprehensive reconnaissance efforts against Diehl Defence, Kimsuky — also known as APT43, TA406, Black Banshee, Emerald Sleet, and Velvet Chollima — was discovered by Google Mandiant researchers to have deployed spear-phishing attacks involving contract lures with U.S. defense contractors redirecting to fraudulent login pages spoofing those of a telecommunications firm and an email services provider that sought to exfiltrate Diehl Defence employee credentials, according to a report from German news website Der Spiegel. Such a development comes after Kimsuky had been sanctioned by the U.S. for its involvement in several attacks against government entities, news organizations, universities, and research centers across the country. Similar intrusions have also been launched by Kimsuky against such organizations in Asia and Europe.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds