It was stated that Kimsuky sent fake e-mails to 150 politicians on diplomacy and security issues in order to steal the information of the people in question.
In the statement, it was stated that the hacker group sent these people misleading e-mails to redirect them to fake sites in April-July 2022 and followed them simultaneously for four to nine months.
It was stated in the statement that South Korea’s intelligence agency analyzed approximately 5,800 e-mails sent by Kimsuky, and after the necessary actions, it was determined that the hacker group in question was behind the entire operation.
The Seoul government unilaterally imposed sanctions on the Kimsuky group on June 2.
The report, released by Google’s cybersecurity unit Mandiant, revealed that Kimsuky stole cryptocurrencies to finance espionage operations related to North Korea’s nuclear program.
It was stated that hackers laundered stolen cryptocurrencies through cloud mining services.