ID | Votes | Profile Description |
---|---|---|
Sapphire Sleet | 3 | Sapphire Sleet is a North Korea-linked Advanced Persistent Threat (APT) group known for its malicious activities. As a threat actor, Sapphire Sleet has been identified as the entity behind the execution of actions with harmful intent. The group's operations are sophisticated and persistent, targetin |
Kandykorn | 3 | KandyKorn is a type of malware, first discovered in 2023, that targets macOS systems. Developed by the Lazarus hacking group, this malicious software specifically aims at blockchain engineers. The known infection process begins with social engineering tactics, tricking the victim into downloading a |
Andariel | 2 | Andariel, also known as Jumpy Pisces and Onyx Sleet, is a threat actor primarily involved in cyberespionage and ransomware activities. Originating from North Korea, this group has been linked to several malicious cyber activities alongside other groups like Lazarus Group and Bluenoroff. The group's |
Stardust Chollima | 2 | Stardust Chollima is a recognized threat actor in the cybersecurity industry, primarily known for its malicious activities aimed at acquiring funds. This group has been linked to various high-profile cyber-attacks and fraudulent activities since 2015. Stardust Chollima has been associated with the f |
TA444 | 2 | TA444, also known as BlueNoroff, APT28, Nickel Gladstone, Sapphire Sleet, Stardust Chollima, and other monikers, is a prolific North Korean state-backed threat actor known for its malicious cyber activities. The group has been continuously generating proprietary malware, distinguishing it from other |
Cryptocore | 2 | CryptoCore, also known as UNC1069, is a threat actor linked to the North Korea-associated Advanced Persistent Threat (APT) group, Sapphire Sleet. This group, alternatively referred to as APT38, BlueNoroff, CageyChameleon, and CryptoCore, operates as a subgroup of the notorious Lazarus APT group. The |
Sockracket | 2 | None |

ID | Type | Votes | Profile Description |
---|---|---|---|
Rustbucket | Unspecified | 5 | RustBucket is a malicious software (malware) campaign that was first reported in 2023 and has been attributed to the BlueNoroff group, which was initially discovered in 2021. This malware specifically targets macOS systems and is considered a later-stage variant of the original RustBucket malware du |
Objcshellz | Unspecified | 2 | ObjCShellz is a lightweight malware written in Objective-C, known for its advanced obfuscation features. Discovered by Jamf Threat Labs in November 2023, this malware operates as a relatively simple backdoor, serving as a remote shell that allows an attacker to execute arbitrary commands. It's typic |

ID | Type | Votes | Profile Description |
---|---|---|---|
APT38 | is related to | 4 | APT38, a threat actor suspected to be backed by the North Korean regime, has been responsible for some of the largest cyber heists observed to date. The group has conducted operations in over 16 organizations across at least 11 countries, primarily targeting financial institutions worldwide. Despite |
Lazarus Group | is related to | 4 | The Lazarus Group, also known as APT38, is a notorious threat actor believed to be backed by the North Korean regime. This group has been associated with several high-profile cyber attacks and thefts, including the infamous $600 million Ronin sidechain exploit in 2022. Known for their sophisticated |
ScarCruft | Unspecified | 2 | ScarCruft, also known as APT37, Inky Squid, RedEyes, Reaper, or Group123, is a North Korean threat actor group associated with malicious cyber activities. Their actions have been linked to the execution of targeted attacks against individual Android devices, as outlined in a VB2023 paper titled "Int |
Rgb | Unspecified | 2 | RGB is a threat actor group, part of North Korea's Reconnaissance General Bureau (RGB), a military intelligence agency under the General Staff Bureau of the Korean People's Army. Over the years, the RGB has revealed at least six threat groups, including Andariel, also known as Onyx Sleet, formerly P |

Source Link | CreatedAt | Title | Preview |
---|---|---|---|
Unit42 | 4 days ago | Threat Assessment: North Korean Threat Groups | |
Securelist | 3 months ago | Non-mobile malware statistics, Q1 2024 | |
CERT-EU | 6 months ago | Calendar Meeting Links Used To Spread Mac Malware - Slashdot | |
CERT-EU | 7 months ago | Hackers Exploit Calendly Links to Spread Malware on macOS | |
Krebs on Security | 7 months ago | Calendar Meeting Links Used to Spread Mac Malware | |
CERT-EU | 8 months ago | Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea | |
Securityaffairs | 8 months ago | Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea | |
CERT-EU | 9 months ago | New JaskaGO Malware Targets Mac and Windows for Crypto, Browser Data | |
CERT-EU | 9 months ago | Lazarus Group Exploits Log4j Flaw in New Malware Campaign | |
CERT-EU | 9 months ago | Is macOS as secure as its users think? | |
CERT-EU | 9 months ago | BlueNoroff: New Malware Attacking MacOS Users | |
CERT-EU | 9 months ago | U.S. Treasury Sanctions Eight Foreign-Based Agents and North Korean Kimsuky Attackers | |
CERT-EU | 9 months ago | BlueNoroff: new Trojan attacking macOS users – GIXtools | |
CERT-EU | 9 months ago | New BlueNoroff loader for macOS | |
CERT-EU | 9 months ago | North Korea's state hackers stole $3 billion in crypto since 2017 | |
CERT-EU | 9 months ago | Kimsuky hacking group faces US sanctions | |
DARKReading | 10 months ago | macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks | |
CERT-EU | 10 months ago | UK, South Korea Warn of North Korea Supply-Chain Attacks | |
CERT-EU | 10 months ago | Microsoft: Lazarus hackers breach CyberLink in supply chain attack | |
CERT-EU | 10 months ago | North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns |