Kimsuky targets organizations with PebbleDash-based tools

Summary

Kaspersky researchers have identified a suite of new tools based on PebbleDash being used by the North Korean-linked Kimsuky threat actor in recent campaigns. The analysis reveals these tools are connected to the AppleSeed malware cluster, expanding the known toolkit of this persistent state-sponsored group.

Indicators of Compromise

• malware — PebbleDash
• malware — AppleSeed

Entities