North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.