Alias Description | Votes |
---|---|
ScarCruft is a possible alias for APT37. ScarCruft, also known as APT37, Inky Squid, RedEyes, Reaper, or Group123, is a North Korean threat actor group associated with malicious cyber activities. Their actions have been linked to the execution of targeted attacks against individual Android devices, as outlined in a VB2023 paper titled "Int | 8 |
Reaper is a possible alias for APT37. Reaper, also known as APT37, Inky Squid, RedEyes, or ScarCruft, is a threat actor group attributed to North Korea. It deploys ROKRAT, a malicious tool that has been used in cyber exploitation since the 1970s. This group is also tied to the NOKKI malware family, which originated from research surroun | 6 |
Kimsuky is a possible alias for APT37. Kimsuky, also known as Springtail, ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, and APT43, is a North Korea-linked Advanced Persistent Threat (APT) group first identified by Kaspersky researchers in 2013. The group has been involved in various cyber espionage activities against global targ | 4 |
Group123 is a possible alias for APT37. Group123, also known as Inky Squid or APT37, is a threat actor group suspected of executing malicious cyber activities. They are known for their technical capabilities and innovative intrusion techniques. Over the past 18 months, they have been associated with a series of attacks that utilize shellc | 3 |
RedEyes is a possible alias for APT37. RedEyes, also known as APT37, StarCruft, Reaper, InkSquid, BadRAT, ScarCruft, and Ricochet Chollima, is a threat actor group known for its malicious activities. The group has recently deployed a new malware called FadeStealer to pilfer data from compromised systems, which it then sends to a command- | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The ROKRAT Malware is associated with APT37. RokRAT is a sophisticated malware that has been used by the cyber-espionage group ScarCruft, primarily to target South Korean media and research organizations. The malware is typically delivered via phishing emails with ZIP file attachments containing LNK files disguised as Word documents. However, | Unspecified | 6 |
The KONNI Malware is associated with APT37. Konni is a malicious software (malware) linked to North Korea, specifically associated with the state-sponsored Kimsuky group. This advanced persistent threat (APT) has been active since at least 2021, focusing on high-profile targets such as the Russian Ministry of Foreign Affairs, the Russian Emba | Unspecified | 4 |
The Amadey Malware is associated with APT37. Amadey is a form of malware, a malicious software designed to exploit and damage computer systems. This particular malware is distributed via the Amadey loader, which can be disseminated through phishing emails or downloads from compromised sites. It has been observed that the individual behind the | Unspecified | 3 |

Alias Description | Association Type | Votes |
---|---|---|
The Lazarus Group Threat Actor is associated with APT37. The Lazarus Group, a notorious threat actor attributed to North Korea, has been implicated in a series of high-profile cyberattacks and illicit activities. The group is known for its sophisticated operations, including Operation DreamJob, which targeted Spain with a high level of confidence. Over th | Unspecified | 3 |
The APT43 Threat Actor is associated with APT37. APT43, also known as Kimsuky, is a North Korean Advanced Persistent Threat (APT) group that has been active since at least 2013. The group is known for its intelligence collection activities and using cybercrime to fund espionage. It has been linked to several aliases including Springtail, ARCHIPELA | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The vulnerability CVE-2022-41128 is associated with APT37. | Unspecified | 2 |