Kimsuky and Konni APT Groups Lead Active Attacks Targeting East Asia

An significant 20 Advanced Persistent Threat (APT) occurrences were found in April 2025, according to a new report from Fuying Lab’s worldwide threat hunting system.

East Asia emerges as a primary hotspot, where the notorious APT groups Kimsuky and Konni have been identified as the most active players.

According to the Report, their operations predominantly target government agencies, financial institutions, and research bodies, leveraging sophisticated intrusion techniques.

Spear Phishing Dominates as Primary Attack Vector

Spear phishing email attacks stand out as the most prevalent method, accounting for 70% of the recorded incidents in the region.

These emails often use highly tailored baits, such as discussions around trilateral cooperation between the US, Australia, and New Zealand, to lure victims into engaging with malicious content a signature tactic of Kimsuky designed to exploit relevance to the target.

Beyond East Asia, the report highlights significant APT activities ...