The new malware, dubbed ToddlerShark by researchers at Kroll, overlaps with ReconShark and BabyShark, reconnaissance tools used by Kimsuky (also known as APT43, Emerald Sleet, and Velvet Chollima).
Kimsuky, also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (previously Thallium), KTA082, Nickel Kimball, and Velvet Chollima, has steadily expanded its malware arsenal to include new ...
The activity has been attributed to a threat actor called Konni , which is assessed to share overlaps with a North Korean cluster tracked as Kimsuky (aka APT43). "This campaign relies on a remote ...