Kimsuky is a threat actor attributed to KP, also known as Velvet Chollima, Black Banshee, Thallium. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Kimsuky exploit?

Kimsuky is known to exploit 6 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

Kimsuky

Also known as: Velvet Chollima, Black Banshee, Thallium, Operation Stolen Pencil, G0086, APT43, Emerald Sleet, THALLIUM, Springtail, Sparkling Pisces, TA427, TA406

KPCyber Espionage

Exploited CVEs

Overview

This threat actor targets South Korean think tanks, industry, nuclear power operators, and the Ministry of Unification for espionage purposes.

Exploited Vulnerabilities

CVE ID	Action
CVE-2016-6662	View Details