North Korea Actor Kimsuky Updates its Reconnaissance Malware RandomQuery

26 May 2023
Kimsuky, the North Korean APT group, is actively distributing a variant of custom malware known as RandomQuery as part of its reconnaissance campaigns. The malware has been specifically designed to perform two primary functions: file enumeration and data exfiltration. A real-time threat intelligence exchange platform can help fend off the threats from RandomQuery and other similar custom espionage tools.