Operation Covert Stalker
2023-11-08 • AhnLab
The Kimsuky group’s hacking activities included sending phishing emails and malicious emails with malware attachments to certain individuals or organizations involved in fields related to North Korea, politics, diplomacy, and security, with the purpose of stealing email accounts and important materials.

– Phishing emails disguised with legitimate URLs, or malicious emails with malware attachments, have been sent to certain individuals or organizations involved in fields related to North Korea, politics, diplomacy, and security.
– Various malicious behaviors have been carried out, such as searching for hacking targets, sending malicious emails, scanning for the RDP vulnerability (CVE-2019-0708), and testing malware.
– Targets have been infected with the BlackBit ransomware, and victims have been led to pay the ransom for recovery.