"The Office of Foreign Assets Control (OFAC) of the US Department of Treasury recently announced that it has sanctioned the cyberespionage group Kimsuky, also known as APT43, for gathering intelligence on behalf of the Democratic People's Republic of Korea (DPRK).
Sanctions imposed by the United States are technically in response for a North Korean military reconnaissance satellite launch on Nov. 21, but they are also intended to deprive the DPRK of revenue, materials, and intelligence needed to sustain its weapons of mass destruction development programme, according to the Treasury's sanctions announcement.
The Lazarus Group and its subsidiaries Andariel and BlueNoroff were subject to similar sanctions by the OFAC in September 2019—more than four years ago. Kimsuky is the target of these sanctions as it gathers intelligence to support the regime's strategic goals.
Kimsuky is a well-known cyber espionage group that primarily targets governments, nuclear organisations, and foreign relations entities in order to gather intelligence that serves North Korea's interests. It is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly known as Thallium), Nickel Kimball, and Velvet Chollima.
"The group combines moderately sophisticated technical capabilities with aggressive social engineering tactics, especially against South Korean and U.S.-based government organisations, academics, and think tanks focused on Korean peninsula geopolitical issues," Mandiant, which is owned by Google, stated in October 2023.
Similar to the Lazarus Group, it is a part of the Reconnaissance General Bureau (RGB), which is in charge of intelligence gathering operations and is North Korea's main foreign intelligence service. At least since 2012, it has been known to be active.
"Kimsuky employs social engineering to collect intelligence on geopolitical events, foreign policy strategies, and diplomatic efforts affecting its interests by gaining illicit access to the private documents, research, and communications of their targets," the Treasury stated.
The agency also named Choe Song Chol and Im Song Sun for managing front companies that made money by exporting skilled workers; Kang Kyong Il, Ri Sung Il, and Kang Phyong Guk for serving as weapons sales representatives; and So Myong, Choe Un Hyok, and Jang Myong Chol for participating in illegal financial transfers to acquire materials for North Korea's missile programmes.
