Researchers detected the Kimsuky APT group exploiting the BlueKeep RDP flaw in attacks against South Korea and Japan.
The group gained initial access by exploiting the RDP vulnerability, and it also distributed malware through phishing emails and by exploiting the Microsoft Office Equation Editor vulnerability.
They installed MySpy malware and RDPWrap to maintain remote access, and deployed keyloggers to record keystrokes.
Kimsuky APT has been targeting organizations in multiple countries since September 2023, with a focus on South Korea and Japan.