Threat Actor Profile

Kimsuky

State-sponsored threat group originating from KP. Suspected sponsor: Korea (Democratic People's Republic of). Known to target Government, Private sector. Uses 129 known MITRE ATT&CK techniques.

129 TTPs Mapped 2 Industries Tracked Real-Time Alerts

OriginKP

129MITRE TTPs

2Sectors Hit

Actor Overview

Origin Country

Suspected Sponsor

Korea (Democratic People's Republic of)

Incident Types

Espionage

Known Techniques

129 TTPs

Target Industries

GovernmentPrivate sector

Suspected Victims

Ministry of UnificationSejong InstituteKorea Institute for Defense AnalysesGermany

MITRE ATT&CK Techniques

T1218T1098T1098.007T1583T1583.001T1553T1583.004T1583.006T1557T1071T1071.001T1071.002T1071.003T1560T1560.001 +114 more

Related Threat Reports

Premium

APT Campaign Analysis - Q4 2025Dec 2025

New Tactics Observed in WildDec 2025

Infrastructure Mapping ReportDec 2025

Stay Updated

Get alerts when new intel on Kimsuky is published.

Actor Details

Primary Name

Kimsuky

Known Aliases

Velvet Chollima, Black Banshee, Thallium, Operation Stolen Pencil, G0086, APT43, Emerald Sleet, THALLIUM, Springtail, Sparkling Pisces

Data Source

Precursor Intelligence

Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →