North Korea-associated advanced persistent threat group TA406, aka Kimsuky or Thallium, has ramped up its cyberespionage operations in 2021, researchers say. Researchers have “high confidence” that TA406 operates on behalf of North Korea’s government, they say. The group targeted diplomats and policy experts across Asia, the U.K. and U.S. Researchers say it has used spear-phishing campaigns in 2021 to deliver both credential harvesting links and malware such as Konni, Sanny, Carrotbat/Carrotball, Babyshark and Android Moez.”]
Source: https://www.cuinfosecurity.com/north-korean-apt-group-steps-up-espionage-ops-in-2021-a-17957