ENKI

ENKI is a South Korean cybersecurity firm that specializes in threat research and vulnerability analysis. The company provides security assessments, incident response support, and technical analysis of cyber attacks for its clients. Its work includes reverse engineering malware and examining exploit techniques used by adversaries. ENKI shares its findings with relevant software vendors to facilitate remediation. The firm’s services are aimed at improving defensive capabilities against sophisticated threats.

ENKI’s headquarters is located in South Korea, from where it conducts its research and advisory operations. While the exact size of the organization or its employee count is not disclosed in the available sources, the firm has demonstrated the capacity to engage in high‑profile incident analysis. Its involvement in examining attacks attributed to well‑known threat actors indicates a recognized presence in the cybersecurity community. The firm’s activities are focused on both domestic and international threat landscapes.

A distinguishing attribute of ENKI is its expertise in analyzing state‑sponsored campaigns, particularly those linked to the Lazarus group. In January 2021 the firm was targeted by Lazarus using social engineering and MHTML files that exploited an Internet Explorer zero‑day vulnerability. ENKI’s analysts successfully identified the double‑free bug, confirmed that the exploit failed in their environment, and responsibly reported the vulnerability to Microsoft. This incident highlights the firm’s technical depth in handling complex exploit chains and its commitment to coordinated disclosure. ENKI’s specialization in zero‑day research sets it apart from many generic security service providers.

Information regarding ENKI’s ownership structure, parent companies, or any subsidiaries is not provided in the supplied material. Consequently, no statements can be made about its corporate affiliations or equity holdings. The available sources focus on the firm’s technical actions during the Lazarus incident rather than its business organization. Therefore, any description of ENKI’s structural details would rely on data outside the given context. This concludes the factual profile based on the confirmed information.