Threat Intelligence Report

Analysis of the APT-C-55 (Kimsuky) Campaign Leveraging GitHub and Dropbox to Distribute Malicious Payloads

📅 May 13, 2026 📰 mp.weixin.qq.com 🔍 0 CVE(s) referenced

Kimsuky（APT-C-55）组织近期通过滥用GitHub和Dropbox等合法云平台分发多阶段恶意载荷，采用插件化木马架构窃取敏感信息并规避传统检测，持续针对全球政府、智库等高价值目标实施高度隐蔽的网络攻击。

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle