ID | Votes | Profile Description |
---|---|---|
ScarCruft | 8 | ScarCruft, also known as APT37, Inky Squid, RedEyes, Reaper, or Group123, is a North Korean threat actor group associated with malicious cyber activities. Their actions have been linked to the execution of targeted attacks against individual Android devices, as outlined in a VB2023 paper titled "Int |
Reaper | 6 | Reaper, also known as APT37, Inky Squid, RedEyes, or ScarCruft, is a threat actor group attributed to North Korea. It deploys ROKRAT, a malicious tool that has been used in cyber exploitation since the 1970s. This group is also tied to the NOKKI malware family, which originated from research surroun |
Kimsuky | 4 | Kimsuky, a threat actor linked to North Korea, has been increasingly active in conducting cyber espionage and malicious attacks. This group, also known as Springtail, ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, and APT43, was first identified by Kaspersky researchers in 2013. In recent de |
Group123 | 3 | Group123, also known as Inky Squid or APT37, is a threat actor group suspected of executing malicious cyber activities. They are known for their technical capabilities and innovative intrusion techniques. Over the past 18 months, they have been associated with a series of attacks that utilize shellc |
Redeyes | 2 | RedEyes, also known as APT37, ScarCruft, Reaper, or BadRAT, is a threat actor group known for its malicious cyber activities. This group recently deployed a new malware named FadeStealer to extract information from targeted systems. They have also been observed using CloudMensis, a malware that seek |
ID | Type | Votes | Profile Description |
---|---|---|---|
ROKRAT | Unspecified | 6 | RokRAT is a sophisticated malware that has been used by the cyber-espionage group ScarCruft, primarily to target South Korean media and research organizations. The malware is typically delivered via phishing emails with ZIP file attachments containing LNK files disguised as Word documents. However, |
KONNI | Unspecified | 4 | Konni is a malicious software (malware) linked to North Korea, specifically associated with the state-sponsored Kimsuky group. This advanced persistent threat (APT) has been active since at least 2021, focusing on high-profile targets such as the Russian Ministry of Foreign Affairs, the Russian Emba |
Amadey | Unspecified | 3 | Amadey is a sophisticated malware that has been identified as being used in various malicious campaigns. The malware is typically delivered through GuLoader, a loader known for its use in protecting payloads against antivirus detection. Analysis of the infection chains revealed encrypted Amadey payl |
ID | Type | Votes | Profile Description |
---|---|---|---|
Lazarus Group | Unspecified | 3 | The Lazarus Group, also known as APT38, is a notorious threat actor believed to be backed by the North Korean regime. This group has been associated with several high-profile cyber attacks and thefts, including the infamous $600 million Ronin sidechain exploit in 2022. Known for their sophisticated |
Apt43 | Unspecified | 2 | APT43, also known as Kimsuky, Sparkling Pisces, Emerald Sleet, and Velvet Chollima among other names, is a North Korean state-sponsored advanced persistent threat (APT) group involved in cybercrime and espionage. This threat actor conducts intelligence collection and uses cybercrime to fund its espi |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2022-41128 | Unspecified | 2 | None |
Source Link | CreatedAt | Title | |
---|---|---|---|
DARKReading | 4 months ago | Microsoft Graph API Emerges as a Top Attacker Tool to Plot Data Theft | |
DARKReading | 5 months ago | DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse | |
CERT-EU | 6 months ago | Russia and Belarus targeted by at least 14 nation-state hacker groups, researchers say \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting | |
BankInfoSecurity | 7 months ago | North Korean Group Seen Snooping on Russian Foreign Ministry | |
Recorded Future | 8 months ago | North Korea’s Cyber Strategy \| Recorded Future | |
MITRE | 9 months ago | Operation (노스 스타) North Star A Job Offer That’s Too Good to be True? \| McAfee Blog | |
CERT-EU | a year ago | Trojanized VNC apps leveraged in defense-targeted Lazarus Group attacks | |
CERT-EU | a year ago | Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps | |
CERT-EU | a year ago | North Korean defectors' group leader attacked by state-backed hackers | |
CERT-EU | a year ago | North Korean Hackers Continue to Refine Their Arsenal of Tactics & Techniques | |
DARKReading | a year ago | North Korea's State-Sponsored APTs Organize & Align | |
Recorded Future | a year ago | Multi-year Chinese APT Campaign Targets South Korean Academic, Government, and Political Entities \| Recorded Future | |
CERT-EU | a year ago | Microsoft: North Korean hackers target Russian govt, defense orgs | |
CERT-EU | a year ago | Russian missile manufacturer subjected to North Korean APT attack | |
CERT-EU | a year ago | Comrades in Arms? \| North Korea Compromises Sanctioned Russian Missile Engineering Company | |
CERT-EU | a year ago | North Korean Hackers Targets Russian Missile Engineering Firm | |
BankInfoSecurity | a year ago | North Korean Hackers Phishing With US Army Job Lures | |
BankInfoSecurity | a year ago | N Korean Hackers Phishing With US Army Job Lures | |
CERT-EU | a year ago | Stark#Mule Malware Campaign Targets Koreans, Uses US Army Documents |