🇰🇵North Korean APT

North Korean Advanced Persistent Threat (APT) groups are known for their state-sponsored cyber operations, often characterized by a mix of cyber-espionage, disruptive attacks, and financially motivated crimes. Here is a list of notable North Korean APT groups:

Notable North Korean APT Groups

Lazarus Group
- Aliases: Hidden Cobra, Guardians of Peace (GOP), APT38
- Affiliation: North Korean government
- Targets: Financial institutions, critical infrastructure, entertainment industry, and government agencies.
- Notable Activities:
  - WannaCry Ransomware: A global ransomware attack in 2017 that encrypted files on numerous systems and demanded ransom payments in Bitcoin.
  - Sony Pictures Hack: A 2014 attack that led to the leak of sensitive data and disrupted Sony Pictures Entertainment.
  - Bangladesh Bank Heist: A 2016 cyber heist where $81 million was stolen from the Bangladesh Central Bank using fraudulent SWIFT transactions.
APT37 (Reaper, RedAlpha)
- Aliases: Scarcruft, Black Heaven
- Affiliation: North Korean government
- Targets: South Korean government, military, and technology sectors; also targets individuals and organizations in other countries.
- Notable Activities:
  - Espionage: Conducted cyber-espionage operations aimed at stealing sensitive information from South Korean and international targets.
APT38 (BlueNoroff, Stardust Chollima)
- Affiliation: North Korean government
- Targets: Financial institutions, cryptocurrency exchanges, and other high-value targets.
- Notable Activities:
  - Cryptocurrency Theft: Involved in high-profile attacks targeting cryptocurrency exchanges to steal millions in digital assets.
  - Bank Heists: Engaged in sophisticated attacks against financial institutions to steal funds.
Kimsuky
- Aliases: Thallium, Black Water
- Affiliation: North Korean government
- Targets: South Korean government officials, academic institutions, and political organizations.
- Notable Activities:
  - Cyber-espionage: Focused on gathering intelligence on South Korean political and defense sectors, as well as on U.S. and South Korean policy issues.
APT10 (Stone Panda, MenuPass)
- Affiliation: Chinese interests but has occasionally been linked to North Korean operations.
- Targets: Global technology, aerospace, and engineering sectors.
- Notable Activities:
  - Intellectual Property Theft: Conducted espionage campaigns targeting intellectual property and proprietary information.
APT34 (OilRig, Helix)
- Affiliation: Iranian but has sometimes cooperated with North Korean interests.
- Targets: Financial, energy, and telecommunications sectors.
- Notable Activities:
  - Espionage and Data Theft: Conducted operations focused on gathering sensitive information related to financial and industrial sectors.

PreviousVietnamese APT NextMobile Malware

Last updated 7 months ago

🇰🇵North Korean APT

Notable North Korean APT Groups

Lazarus Group
- Aliases: Hidden Cobra, Guardians of Peace (GOP), APT38
- Affiliation: North Korean government
- Targets: Financial institutions, critical infrastructure, entertainment industry, and government agencies.
- Notable Activities:
  - WannaCry Ransomware: A global ransomware attack in 2017 that encrypted files on numerous systems and demanded ransom payments in Bitcoin.
  - Sony Pictures Hack: A 2014 attack that led to the leak of sensitive data and disrupted Sony Pictures Entertainment.
  - Bangladesh Bank Heist: A 2016 cyber heist where $81 million was stolen from the Bangladesh Central Bank using fraudulent SWIFT transactions.
APT37 (Reaper, RedAlpha)
- Aliases: Scarcruft, Black Heaven
- Affiliation: North Korean government
- Targets: South Korean government, military, and technology sectors; also targets individuals and organizations in other countries.
- Notable Activities:
  - Espionage: Conducted cyber-espionage operations aimed at stealing sensitive information from South Korean and international targets.
APT38 (BlueNoroff, Stardust Chollima)
- Affiliation: North Korean government
- Targets: Financial institutions, cryptocurrency exchanges, and other high-value targets.
- Notable Activities:
  - Cryptocurrency Theft: Involved in high-profile attacks targeting cryptocurrency exchanges to steal millions in digital assets.
  - Bank Heists: Engaged in sophisticated attacks against financial institutions to steal funds.
Kimsuky
- Aliases: Thallium, Black Water
- Affiliation: North Korean government
- Targets: South Korean government officials, academic institutions, and political organizations.
- Notable Activities:
  - Cyber-espionage: Focused on gathering intelligence on South Korean political and defense sectors, as well as on U.S. and South Korean policy issues.
APT10 (Stone Panda, MenuPass)
- Affiliation: Chinese interests but has occasionally been linked to North Korean operations.
- Targets: Global technology, aerospace, and engineering sectors.
- Notable Activities:
  - Intellectual Property Theft: Conducted espionage campaigns targeting intellectual property and proprietary information.
APT34 (OilRig, Helix)
- Affiliation: Iranian but has sometimes cooperated with North Korean interests.
- Targets: Financial, energy, and telecommunications sectors.
- Notable Activities:
  - Espionage and Data Theft: Conducted operations focused on gathering sensitive information related to financial and industrial sectors.

PreviousVietnamese APT NextMobile Malware

Last updated 7 months ago