🇰🇵 North Korean APT

North Korean Advanced Persistent Threat (APT) groups are known for their state-sponsored cyber operations, often characterized by a mix of cyber-espionage, disruptive attacks, and financially motivated crimes. Here is a list of notable North Korean APT groups:

Notable North Korean APT Groups

  1. Lazarus Group

    • Aliases: Hidden Cobra, Guardians of Peace (GOP), APT38

    • Affiliation: North Korean government

    • Targets: Financial institutions, critical infrastructure, entertainment industry, and government agencies.

    • Notable Activities:

      • WannaCry Ransomware: A global ransomware attack in 2017 that encrypted files on numerous systems and demanded ransom payments in Bitcoin.

      • Sony Pictures Hack: A 2014 attack that led to the leak of sensitive data and disrupted Sony Pictures Entertainment.

      • Bangladesh Bank Heist: A 2016 cyber heist where $81 million was stolen from the Bangladesh Central Bank using fraudulent SWIFT transactions.

  2. APT37 (Reaper, RedAlpha)

    • Aliases: ScarCruft, Black Heaven

    • Affiliation: North Korean government

    • Targets: South Korean government, military, and technology sectors; also targets individuals and organizations in other countries.

    • Notable Activities:

      • Espionage: Conducted cyber-espionage operations aimed at stealing sensitive information from South Korean and international targets.

  3. APT38 (BlueNoroff, Stardust Chollima)

    • Affiliation: North Korean government

    • Targets: Financial institutions, cryptocurrency exchanges, and other high-value targets.

    • Notable Activities:

      • Cryptocurrency Theft: Involved in high-profile attacks targeting cryptocurrency exchanges to steal millions in digital assets.

      • Bank Heists: Engaged in sophisticated attacks against financial institutions to steal funds.

  4. Kimsuky

    • Aliases: Thallium, Black Water

    • Affiliation: North Korean government

    • Targets: South Korean government officials, academic institutions, and political organizations.

    • Notable Activities:

      • Cyber-espionage: Focused on gathering intelligence on South Korean political and defense sectors, as well as on U.S. and South Korean policy issues.

  5. APT10 (Stone Panda, menuPass)

    • Affiliation: Chinese interests, but has occasionally been linked to North Korean operations.

    • Targets: Global technology, aerospace, and engineering sectors.

    • Notable Activities:

      • Intellectual Property Theft: Conducted espionage campaigns targeting intellectual property and proprietary information.

  6. APT34 (OilRig, Helix)

    • Affiliation: Iranian, but has sometimes cooperated with North Korean interests.

    • Targets: Financial, energy, and telecommunications sectors.

    • Notable Activities:

      • Espionage and Data Theft: Conducted operations focused on gathering sensitive information related to financial and industrial sectors.
