North Korean APT Kimsuky aka Black Banshee – Active IOCs
2024-12-20 • Rewterz
https://www.rewterz.com/threat-advisory/north-korean-apt-kimsuky-aka-black-banshee-active-iocs-37718
Kimsuky, also known as Black Banshee, is described as a North Korean state-sponsored APT active since at least 2012 and focused on cyber espionage against targets including South Korea, Japan, and the United States. The excerpt identifies phishing, malware infections, supply-chain compromise, lateral movement, and data exfiltration as recurring tactics, with malware including RATs, backdoors, and wipers. It highlights Android-focused activity using malicious APKs named FastFire, FastViewer, and FastSpy, with Firebase used as command-and-control infrastructure and Androspy modifications used to evade detection. The source also notes ReconShark, an evolution of BabyShark, as reconnaissance malware used in a May 2023 global espionage campaign to collect and exfiltrate system information.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| IPv4 | 72.14.155.62 | 2024-12-05 | 2024-12-31 |
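A defender's first use of an IOC table like this is to sweep existing connection logs for the published value. The block below is an added example, not code from the Rewterz advisory: it parses the table above into a lookup keyed by type and value, scans constructed sample firewall-style log lines (the log format and the sample entries are assumptions for illustration), and flags each hit with whether the connection falls inside the advisory's First Seen / Last Seen window.

```python
"""Sweep connection logs for the advisory's IOC table.

Added example, not part of the Rewterz advisory. The IOC row is the one
published on the page; the log lines and their format are constructed
for illustration.
"""
import ipaddress
import re
from datetime import date, datetime

# IOC table exactly as published on the page.
IOC_TABLE = """\
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| IPv4 | 72.14.155.62 | 2024-12-05 | 2024-12-31 |
"""

# Constructed sample log lines in a generic firewall/proxy format (assumption).
SAMPLE_LOGS = [
    "2024-12-10T08:15:02Z ALLOW src=10.0.4.21 dst=72.14.155.62 dport=443",
    "2024-12-10T08:16:40Z ALLOW src=10.0.4.21 dst=142.250.72.14 dport=443",
    "2025-01-15T11:02:09Z ALLOW src=10.0.7.3 dst=72.14.155.62 dport=80",
    "2024-12-12T19:44:51Z DENY src=172.16.1.9 dst=203.0.113.55 dport=22",
]

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<action>\S+)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)"
)


def parse_ioc_table(text):
    """Parse the markdown IOC table into {(type, value): {first_seen, last_seen}}."""
    iocs = {}
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        # Skip the header row and the |---| separator row.
        if len(cells) != 4 or cells[0] == "Type" or set(cells[0]) <= {"-"}:
            continue
        ioc_type, value, first_seen, last_seen = cells
        if ioc_type == "IPv4":
            # Validate and normalise the address so lookups are exact-match.
            value = str(ipaddress.ip_address(value))
        iocs[(ioc_type, value)] = {
            "first_seen": date.fromisoformat(first_seen),
            "last_seen": date.fromisoformat(last_seen),
        }
    return iocs


def scan_logs(log_lines, iocs):
    """Return one hit dict per log line whose src or dst matches an IPv4 IOC.

    in_window is True when the log timestamp lies within the advisory's
    observed First Seen / Last Seen range for that indicator.
    """
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").date()
        for field in ("src", "dst"):
            key = ("IPv4", m[field])
            if key in iocs:
                win = iocs[key]
                hits.append({
                    "line": line,
                    "ioc": m[field],
                    "in_window": win["first_seen"] <= ts <= win["last_seen"],
                })
    return hits


if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS, parse_ioc_table(IOC_TABLE)):
        flag = "in-window" if hit["in_window"] else "OUTSIDE window"
        print(f"{flag}: {hit['line']}")
```

The window flag is for triage priority, not for discarding: the First Seen / Last Seen dates are the advisory's observation bounds, so a connection to the same address after 2024-12-31 (the third sample line) still deserves review, just with the awareness that the infrastructure may have been reassigned since.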