Anomali Threat Research Team Identifies North Korea Based Cyber Attack Targeting Stanford University, Government Agencies, Think Tanks
Anomali Threat Research Team Identifies North Korea Based Cyber Attack Targeting Stanford University, Government Agencies, Think Tanks
  • Roberta Chan
  • 승인 2019.08.22 02:41
  • 댓글 0
이 기사를 공유합니다

Suspect Group May be Engaged in Phishing Campaign to Conduct Espionage, Anomali Researchers Believe

REDWOOD CITY, Calif., Aug. 21, 2019 (GLOBE NEWSWIRE/KOREA IT TIMES) -- Anomali, a leader in intelligence-driven cybersecurity solutions, today published its latest research report: Suspected North Korean Cyber Espionage Campaign Targets Multiple Foreign Ministries and Think Tanks

Anomali threat researchers first observed the attack after discovering a fake website masquerading as a login page for a government diplomatic portal. Analysis of the threat actor’s infrastructure uncovered a broad phishing campaign targeting a range of agencies, think tanks and at least one university. Among the target victims was Stanford University and the French Ministry for Europe and Foreign Affairs (MEAE). 

Multiple attribution points identified by Anomali threat researchers during their analysis indicated that the malicious activities may be tied to North Korean threat actors conducting cyberespionage. Among these was the observation that the infrastructure in use has been previously tied to the “Smoke Screen” campaign, reported by ESTSecurity in April.

Prior to announcing this discovery, the Anomali Threat Research Team went through all recognized and correct disclosure and notification procedures. The team also submitted the phishing sites detected to Google Safe Browsing and Microsoft for blacklist consideration.

Threat researchers utilized the Anomali Threat Platform to help identify the attack and expand their understanding of the adversary’s infrastructure. To learn more about how Anomali detects adversaries, visit: Anomali ThreatStream.


About Anomali
Anomali delivers intelligence-driven cybersecurity solutions to public and private sector organizations, including the world’s largest global enterprises and leading banks. Customers rely on Anomali to detect threats, understand adversaries, and respond effectively. Anomali arms security teams with machine learning optimized threat intelligence to identify hidden threats targeting their environments. With Anomali, organizations collaborate and share threat information among trusted communities. Anomali is the most widely adopted platform for ISACs and leading enterprises worldwide. For more information, visit us at

Joe Franscella
News Media Relations

삭제한 댓글은 다시 복구할 수 없습니다.
그래도 삭제하시겠습니까?
댓글 0
계정을 선택하시면 로그인·계정인증을 통해
댓글을 남기실 수 있습니다.

  • #1206, 36-4 Yeouido-dong, Yeongdeungpo-gu, Seoul, Korea(Postal Code 07331)
  • 서울특별시 영등포구 여의도동 36-4 (국제금융로8길 34) / 오륜빌딩 1206호
  • URL: / Editorial Div. 02-578-0434 / 010-2442-9446. Email:
  • Publisher: Monica Younsoo Chung. Chief Editorial Writer: Kim Hyoung-joong. CEO: Lee Kap-soo. Editor: Jung Yeon-jin.
  • Juvenile Protection Manager: Yeon Choul-woong. IT Times Canada: Willow St. Vancouver BC, Canada / 070-7008-0005.
  • Copyright(C) Korea IT Times, Allrights reserved.