Search OpenSanctions

Kimsuky Group

Sanction-linked entity

Kimsuky Group is an entity of interest. It has not been found on international sanctions lists.

Type	Organization				[sources]
Name	Kimsuky Group				[sources]
Other name	APT 43 · APT43 · Kimsuky · Sharptongue · Thallium · 1 more...				[sources]
Legal form	not available				[sources]
Country	North Korea				[sources]
Description	North Korean cybercrime group controlled by the Reconnaissance General Bureau (RGB; KPe.031).				[sources]
E-Mail	bing2020@outlook.kr · donghyunkim1010@gmail.com · ds1kde@daum.net · ds1kdie@aol.com · haris2022100@outlook.com · 11 more...				[sources]
Status	not available				[sources]
Last change	2024-06-18	Last processed	2024-10-21	First seen	2023-08-08

Descriptions

In Annex 98 (p. 568) of the UN Panel of Experts March 2024 report, the Panel released a list of websites associated with Kimsuky. Please proceed with caution as the following URLs might be linked to cybercrime activities and the distribution of malware: sovershopp[.]online; onerearth[.]xyz; mofa[.]lat; janskinmn[.]lol; supermeasn[.]lat; bookstarrtion[.]online; cdredos[.]site; scemsal[.]site; somelmark[.]store

— DPRK Reports non-official source, 2024-05-02

Relationships

Linked from
Subject	Role	Start date	End date
TA406	Associated	-	-
ARCHIPELAGO	ARCHIPELAGO is a subset of APT 43 (alias of Kimsuky Group)	-	-
TA427	Associated	-	-
UNC 4899	The entities have "overlaps"	-	-
Reconnaissance General Bureau	The Reconnaissance General Bureau oversees all North Korean cybercrime activities, Kimsuky group included	-	-
Third Bureau of the Reconnaissance General Bureau	Kimsuky Group is reported to be included in the Third Bureau of the Reconnaissance General Bureau	-	-

Linked to
Object	Role	Start date	End date
63 Research Center of the Reconnaissance General Bureau	Kimsuky Group is working with or on behalf of the 63 Research Center	-	-

Data sources

DPRK Reports5,540

A database of entities and events related to North Korea's sanctions evasion efforts.

United Kingdom · RUSI · non-official source

External databases

The record has been enriched with data from the following external databases:

Graph-based entity tagging63,732

Automatically generated graph-based topic annotations

External dataset · OpenSanctions · non-official source

For experts: raw data explorer

Factsheet Descriptions Data sources

OpenSanctions is free for non-commercial users. Businesses must acquire a data license to use the dataset.

Use the API License in bulk

Linked from
Subject	Role	Start date	End date
TA406	Associated	-	-
ARCHIPELAGO	ARCHIPELAGO is a subset of APT 43 (alias of Kimsuky Group)	-	-
TA427	Associated	-	-
UNC 4899	The entities have "overlaps"	-	-
Reconnaissance General Bureau	The Reconnaissance General Bureau oversees all North Korean cybercrime activities, Kimsuky group included	-	-
Third Bureau of the Reconnaissance General Bureau	Kimsuky Group is reported to be included in the Third Bureau of the Reconnaissance General Bureau	-	-

Linked to
Object	Role	Start date	End date
63 Research Center of the Reconnaissance General Bureau	Kimsuky Group is working with or on behalf of the 63 Research Center	-	-