medium
threat
Kimsuky APT Domains and URLs from Maltrail Feed
2 rules, 2 TTPs, 50 IOCs
This brief summarizes newly published IOCs consisting of domains and URLs associated with the Kimsuky APT group as of June 2nd, 2026, sourced from a Maltrail feed.
Kimsuky
apt
ioc
malware
high
threat
Kimsuky Targets Organizations with Evolving PebbleDash-Based Tools
2 rules, 4 TTPs, 5 IOCs
Kimsuky, a North Korean APT group, is actively targeting organizations, primarily in South Korea, with evolving tactics and tools, leveraging spear-phishing emails and messenger contacts to deploy malware such as PebbleDash and AppleSeed for establishing backdoors and stealing information.
VSCode +2
Kimsuky
apt
spear-phishing
malware
pebbledash
appleseed
high
threat
Kimsuky Malware Using Dropbox API for Command and Control
2 rules, 2 TTPs
Kimsuky is using malware that leverages the Dropbox API for command and control, enabling file exfiltration and remote code execution.
Kimsuky
dropbox
api
command-and-control
exfiltration