APT Profile: Kimsuky
2023-07-25 • SOCRadar
SOCRadar profiles Kimsuky, also tracked as APT43, as a North Korean cyber-espionage group focused on sensitive information from South Korea, the United States, and Europe. The source describes spearphishing emails with malicious attachments or links, Hangul Word Processor lure files, malicious Chrome extensions used to steal browser data, and exploitation of known Microsoft Office, EPS, and SharePoint vulnerabilities. It identifies BabyShark, Gold Dragon, SWEETDROP, and BITTERSWEET as tools or payloads associated with Kimsuky activity, with capabilities ranging from data collection to backdoor access and additional-stage download. The report’s defensive value is a consolidated actor profile linking Kimsuky’s social engineering, vulnerability exploitation, and malware toolkit to espionage operations.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | kimm.r-naver.com | 2020-11-12 | 2023-07-25 |