The NSA and FBI issued a joint cybersecurity advisory alerting about North Korean hackers using spear-phishing campaigns to send emails appearing as from trusted sources like journalists, exploiting weak DMARC policies to gather intelligence on geopolitical events, foreign policies, and opinions on topics like nuclear disarmament, U.S.-South Korea policies, and sanctions
The hackers, known as Kimsuky, establish trust with targets through benign conversations, using aliases impersonating DPRK experts, and sending malware or credential requests only after building rapport. Organizations are advised to update their DMARC policies, treat suspicious emails as spam, and receive feedback reports to enhance security against such attacks. ```https://thehackernews.com/2024/05/nsa-fbi-alert-on-n-korean-hackers.html