On Jan. 27, we observed visitors to a Korean news site being redirected to the GongDa Exploit Kit (EK), potentially exposing them to malware infection. We will be referring to this site as KNS.

https://www.fireeye.com/blog/threat-research/2016/03/gongda_vs_koreanne.html