FBI Warns of North Korean QR Phishing Campaigns

FBI Warns of North Korean QR Phishing Campaigns

https://www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/

Publish Date: 2026-04-06 17:57:16

Source Domain: www.infosecurity-magazine.com

Summary:
North Korean cyber threat actors, particularly the Kimsuky Advanced Persistent Threat (APT) group, have deployed QR code-based phishing tactics in sophisticated quishing campaigns targeting various US and foreign organizations in 2025. The FBI recently issued a Flash alert highlighting these phishing attempts that often spoof legitimate entities and involve QR codes to redirect recipients to malicious websites designed to harvest credentials. This method allows cybercriminals to bypass traditional security measures like multi-factor authentication and exploit less secure mobile device environments. The FBI advises affected organizations to respond by enhancing employee education, ensuring verification of QR code legitimacy, employing mobile device management solutions, and implementing phishing-resistant multi-factor authentication. The FBI report underscores the need for vigilance and proactive measures to counter these evolving attack vectors.

Key Points:

• North Korean Kimsuky APT group targets US think tanks, academic institutions, and government entities with QR code-based phishing campaigns, termed ‘quishing’.
• Phishing examples include fraudulent emails with QR codes claiming to access secure surveys or registration pages, leading to credential harvesting.
• Quishing campaigns aim to exploit less secure mobile devices to bypass traditional email security measures and steal session tokens.
• The FBI recommends multi-layered responses, including employee training, direct verification of QR code sources, and advanced multi-factor authentication.