North Korean APT

North Korean Advanced Persistent Threat (APT) groups are known for their state-sponsored cyber operations, often characterized by a mix of cyber-espionage, disruptive attacks, and financially motivated crimes. Here is a list of notable North Korean APT groups:

Notable North Korean APT Groups

Lazarus Group
- Aliases: Hidden Cobra, Guardians of Peace (GOP), APT38
- Affiliation: North Korean government
- Targets: Financial institutions, critical infrastructure, entertainment industry, and government agencies.
- Notable Activities:
  - WannaCry Ransomware: A global ransomware attack in 2017 that encrypted files on numerous systems and demanded ransom payments in Bitcoin.
  - Sony Pictures Hack: A 2014 attack that led to the leak of sensitive data and disrupted Sony Pictures Entertainment.
  - Bangladesh Bank Heist: A 2016 cyber heist where $81 million was stolen from the Bangladesh Central Bank using fraudulent SWIFT transactions.
APT37 (Reaper, RedAlpha)
- Aliases: Scarcruft, Black Heaven
- Affiliation: North Korean government
- Targets: South Korean government, military, and technology sectors; also targets individuals and organizations in other countries.
- Notable Activities:
  - Espionage: Conducted cyber-espionage operations aimed at stealing sensitive information from South Korean and international targets.
APT38 (BlueNoroff, Stardust Chollima)
- Affiliation: North Korean government
- Targets: Financial institutions, cryptocurrency exchanges, and other high-value targets.
- Notable Activities:
  - Cryptocurrency Theft: Involved in high-profile attacks targeting cryptocurrency exchanges to steal millions in digital assets.
  - Bank Heists: Engaged in sophisticated attacks against financial institutions to steal funds.
Kimsuky
- Aliases: Thallium, Black Water
- Affiliation: North Korean government
- Targets: South Korean government officials, academic institutions, and political organizations.
- Notable Activities:
  - Cyber-espionage: Focused on gathering intelligence on South Korean political and defense sectors, as well as on U.S. and South Korean policy issues.
APT10 (Stone Panda, MenuPass)
- Affiliation: Chinese interests but has occasionally been linked to North Korean operations.
- Targets: Global technology, aerospace, and engineering sectors.
- Notable Activities:
  - Intellectual Property Theft: Conducted espionage campaigns targeting intellectual property and proprietary information.
APT34 (OilRig, Helix)
- Affiliation: Iranian but has sometimes cooperated with North Korean interests.
- Targets: Financial, energy, and telecommunications sectors.
- Notable Activities:
  - Espionage and Data Theft: Conducted operations focused on gathering sensitive information related to financial and industrial sectors.

PreviousVietnamese APT NextMobile Malware

Last updated 10 months ago

North Korean APT

Notable North Korean APT Groups

Lazarus Group
- Aliases: Hidden Cobra, Guardians of Peace (GOP), APT38
- Affiliation: North Korean government
- Targets: Financial institutions, critical infrastructure, entertainment industry, and government agencies.
- Notable Activities:
  - WannaCry Ransomware: A global ransomware attack in 2017 that encrypted files on numerous systems and demanded ransom payments in Bitcoin.
  - Sony Pictures Hack: A 2014 attack that led to the leak of sensitive data and disrupted Sony Pictures Entertainment.
  - Bangladesh Bank Heist: A 2016 cyber heist where $81 million was stolen from the Bangladesh Central Bank using fraudulent SWIFT transactions.
APT37 (Reaper, RedAlpha)
- Aliases: Scarcruft, Black Heaven
- Affiliation: North Korean government
- Targets: South Korean government, military, and technology sectors; also targets individuals and organizations in other countries.
- Notable Activities:
  - Espionage: Conducted cyber-espionage operations aimed at stealing sensitive information from South Korean and international targets.
APT38 (BlueNoroff, Stardust Chollima)
- Affiliation: North Korean government
- Targets: Financial institutions, cryptocurrency exchanges, and other high-value targets.
- Notable Activities:
  - Cryptocurrency Theft: Involved in high-profile attacks targeting cryptocurrency exchanges to steal millions in digital assets.
  - Bank Heists: Engaged in sophisticated attacks against financial institutions to steal funds.
Kimsuky
- Aliases: Thallium, Black Water
- Affiliation: North Korean government
- Targets: South Korean government officials, academic institutions, and political organizations.
- Notable Activities:
  - Cyber-espionage: Focused on gathering intelligence on South Korean political and defense sectors, as well as on U.S. and South Korean policy issues.
APT10 (Stone Panda, MenuPass)
- Affiliation: Chinese interests but has occasionally been linked to North Korean operations.
- Targets: Global technology, aerospace, and engineering sectors.
- Notable Activities:
  - Intellectual Property Theft: Conducted espionage campaigns targeting intellectual property and proprietary information.
APT34 (OilRig, Helix)
- Affiliation: Iranian but has sometimes cooperated with North Korean interests.
- Targets: Financial, energy, and telecommunications sectors.
- Notable Activities:
  - Espionage and Data Theft: Conducted operations focused on gathering sensitive information related to financial and industrial sectors.

PreviousVietnamese APT NextMobile Malware

Last updated 10 months ago