A hacker group previously associated with the North Korean regime has been spotted launching spear-phishing attacks to compromise officials part of the United Nations Security Council.
The attacks, disclosed in a UN report last month, have taken place this year and have targeted at least 28 UN officials, including at least 11 individuals representing six countries of the UN Security Council.
UN officials said they learned of the attacks after being alerted by an unnamed UN member state (country).
The attacks were attributed to a North Korean hacker group known in the cyber-security community by the codename of Kimsuky.
According to the UN report, Kimsuky operations took place across March and April this year and consisted of a series of spear-phishing campaigns aimed at the Gmail accounts of UN officials.
The emails were designed to look like UN security alerts or requests for interviews from reporters, intended to convince officials to access phishing pages or run malware files on their systems.
The country that reported the Kimsuky attacks to the UN Security Council also said that similar campaigns were also carried out against government members, with some of the attacks taking place via WhatsApp, not just email.
Furthermore, the same country informed the UN that the Kimsuky attacks have incredibly persistent with the North Korean hacker group pursuing “certain individuals throughout the ‘lifetime’ of their [government] career.”