In this presentation, TeamT5 will share insights into the latest attack evolution and strategic changes of the North Korean APT group Kimsuky. We will provide an in-depth introduction to Kimsuky's subgroups, CloudDragon and KimDragon, analyzing their shifting attack targets and the technical evolution of their specialized backdoor tools. According to our research, the group's targeting scope has gradually expanded from early focuses on government sectors, think tanks, defense, and financial institutions to heavy industries, technology sectors, and cryptocurrency industries. Following Microsoft's default disablement of macro functionality, the group has progressively adopted various alternative approaches in their operations, demonstrating high flexibility and adaptability. Finally, we will thoroughly examine the group's arsenal and its evolutionary trajectory.