Here is more from NK News:
The FBI has warned that a North Korean cybercrime group known for its prolific espionage operations is using QR codes to launch spear-phishing attacks against U.S. and foreign government entities and other institutions.
The Pyongyang-backed actor Kimsuky targeted nongovernmental organizations, think tanks, academia and foreign policy experts by embedding malicious QR codes in phishing emails in May and June, the bureau said in an alert on Thursday.
Using this technique known as quishing (QR code phishing), Kimsuky emailed a think tank head in May and pretended to be a foreign advisor seeking insight on recent developments on the Korean Peninsula, according to the advisory. The phishing email provided a malicious QR code to scan for access to a questionnaire.
The same month, the North Korean cybercrime group impersonated an embassy employee and sent a senior fellow at a DPRK human rights-focused think tank an email containing a QR code, which allegedly provided access to a secure drive.
In another attack in May, Kimsuky spoofed a think tank employee in an email with a QR code that redirected users to Kimsuky-controlled cyberattack infrastructure.
For years North Korea has targeted think tanks in the US and elsewhere.