Session

An Intelligence-Driven Hunting Methodology Featuring a North Korean APT

Nation-state threat actors are often notorious for their evasive techniques and the elusive trails they leave behind.
We will share an intelligence-driven hunting methodology that was developed to uncover the very same threats that wish to remain in the dark. We will provide a case study of how we discovered and unraveled a cyber espionage campaign carried out by the infamous Kimsuky APT, operating on behalf of North Korean state interests.
Kimsuky is known for its adaptive and evasive techniques, development of custom malware to facilitate cyber espionage operations, and its use of complex infrastructure.
We shall familiarize our audience with Kimsuky’s TTPs and present a case study of how our hunting methodology assisted us in revealing a cyber espionage campaign carried out by the group and how we uncovered a previously undocumented spyware suite dubbed “KGH_SPY”.
We shall provide the audience with a practical intelligence-driven hunting methodology for security practitioners.

Lior Rochberger

Senior Threat Researcher & Threat Hunter at Cybereason
