Bluenoroff

Threat Actor Profile Updated 2 months ago
BlueNoroff, a threat actor closely associated with the Lazarus Group, conducts financially motivated intrusions primarily against financial institutions and cryptocurrency businesses. It is known for sophisticated attacks on banks, casinos, fintech companies, point-of-sale (POS) software vendors, and ATM infrastructure. The group, suspected to be North Korean state-sponsored, has run a series of elaborate phishing campaigns aimed at startups that resulted in substantial cryptocurrency theft.

In 2023 the group changed its tooling, using Rust for the first time in its malware development: in April 2023 Jamf Threat Labs reported a new macOS malware dubbed RustBucket. Later in 2023 Jamf Threat Labs attributed another macOS strain, ObjCShellz, to BlueNoroff; it resembles the RustBucket campaign, which strengthens the link between the two. A further macOS backdoor, SpectralBlur, was identified at the start of 2024. BlueNoroff's macOS tooling shares traits with other families such as KANDYKORN (also known as SockRacket), indicating shared development within the Lazarus umbrella.

With its tactics and tools continually evolving, BlueNoroff remains a significant threat to financial and technology companies, underscoring the need for robust defensive measures against its activities.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Kandykorn | 3 | KandyKorn is a new strain of malware that has recently been identified as an emerging threat to the technology sector, particularly targeting blockchain engineers. The malicious software, which is designed to infiltrate and damage computer systems, often enters undetected through suspicious download
Andariel | 2 | Andariel, a notorious threat actor associated with the Lazarus Group and linked to North Korea, is known for its malicious cyber activities. The group has been identified using DTrack malware and Maui ransomware, notably in mid-2022, and has developed a reputation for exploiting ActiveX objects. Res
Stardust Chollima | 2 | Stardust Chollima is a recognized threat actor in the cybersecurity industry, primarily known for its malicious activities aimed at acquiring funds. This group has been linked to various high-profile cyber-attacks and fraudulent activities since 2015. Stardust Chollima has been associated with the f
TA444 | 2 | TA444, also known as BlueNoroff, APT38, Nickel Gladstone, Sapphire Sleet, Stardust Chollima, and other monikers, is a prolific North Korean state-backed threat actor known for its malicious cyber activities. The group has been continuously generating proprietary malware, distinguishing it from other
Sapphire Sleet | 2 | Sapphire Sleet is a threat actor, or malicious entity, that is linked to North Korea. This group has been identified as an Advanced Persistent Threat (APT), known for executing sophisticated and continuous cyberattacks. Sapphire Sleet has been particularly active in targeting IT job seekers through
Cryptocore | 2 | CryptoCore, also known as UNC1069, is a threat actor linked to the North Korea-associated Advanced Persistent Threat (APT) group, Sapphire Sleet. This group, alternatively referred to as APT38, BlueNoroff, CageyChameleon, and CryptoCore, operates as a subgroup of the notorious Lazarus APT group. The
Sockracket | 2 | None
BeagleBoyz | 1 | The BeagleBoyz, also known as threat activity group 71 (TAG-71), is a significant cybersecurity threat actor with strong ties to the North Korean state-sponsored APT38. This group, recognized under various aliases such as Bluenoroff and Stardust Chollima, has been involved in extensive cyber operati
HIDDEN COBRA | 1 | Hidden Cobra, also known as the Lazarus Group and Sapphire Sleet, is a North Korean cyberespionage group that has been active since at least 2009. The U.S. Government uses the term Hidden Cobra to refer to malicious cyber activities by the North Korean government, with the BeagleBoyz representing a
Reconnaissance General Bureau Rgb | 1 | The Reconnaissance General Bureau (RGB) is a North Korean military intelligence agency identified as a threat actor responsible for various cyberattacks. RGB is associated with hacking groups known as the "Lazarus Group," "Bluenoroff," and "Andariel," which are recognized as agencies or controlled e
Reconnaissance General Bureau | 1 | The Reconnaissance General Bureau (RGB) is a North Korean intelligence agency responsible for clandestine operations abroad, including cyber activities. The RGB has been associated with several threat actors, including the BeagleBoyz, who have likely been active since at least 2014. Other groups lin
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Macos
Phishing
Windows
Backdoor
Jamf
Reconnaissance
Apt
Dropper
Korean
Espionage
Cloudzy
Iran
Spyware
Loader
Trojan
Gbhackers
Financial
Spearphishing
Cybercrime
Decoy
Github
State Sponsored
dos
Payload
Denial of Service
Infiltration
Associated Malware
ID | Type | Votes | Profile Description
Rustbucket | Unspecified | 5 | RustBucket is a malicious software (malware) campaign that was first uncovered in 2023 and attributed to BlueNoroff, a North Korea-linked Advanced Persistent Threat (APT) group. The malware is known for its ability to exploit and damage computer systems, often infiltrating through suspicious downloa
Objcshellz | Unspecified | 2 | ObjCShellz is a lightweight but advanced malware written in Objective-C, identified by researchers from Jamf Threat Labs in November 2023. This malicious software is designed to infiltrate macOS systems and enable remote execution of commands by attackers. It is characterized by its advanced obfusca
Spectralblur | Unspecified | 1 | SpectralBlur is a new form of malware that has emerged as a significant cybersecurity threat in 2024. It is characterized as a backdoor Trojan targeting macOS systems, allowing unauthorized access and control over infected devices. This malicious software is capable of exploiting and damaging the us
KONNI | Unspecified | 1 | Konni is a malware, short for malicious software, that poses a significant threat to computer systems and data. It's designed to infiltrate systems surreptitiously through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, Konni can wreak havoc by stealin
WannaCry | Unspecified | 1 | WannaCry is a type of malware, specifically ransomware, that caused significant global disruption in 2017. It exploited Windows SMBv1 Remote Code Execution Vulnerabilities (CVE-2017-0144, CVE-2017-0145, CVE-2017-0143), which allowed it to spread rapidly and infect over 200,000 machines across more t
Associated Threat Actors
ID | Type | Votes | Profile Description
Lazarus Group | is related to | 4 | The Lazarus Group, a notorious threat actor believed to be linked to North Korea, has been attributed with a series of significant cyber-attacks over the past few years. The group's malicious activities include the exploitation of digital infrastructure, stealing cryptocurrency, and executing large-
APT38 | is related to | 3 | APT38, also known as TA444, BlueNoroff, BlackAlicanto, Copernicium, Sapphire Sleet, Stardust Chollima, and TraderTraitor, is a threat actor group suspected to be backed by the North Korean regime. The group has been active in operations across over 16 organizations in at least 11 countries, primaril
ScarCruft | Unspecified | 2 | ScarCruft, also known as APT37, Inky Squid, RedEyes, Reaper, or Group123, is a North Korean threat actor group associated with malicious cyber activities. Their actions have been linked to the execution of targeted attacks against individual Android devices, as outlined in a VB2023 paper titled "Int
Rgb | Unspecified | 2 | RGB, a threat actor with ties to North Korea, has been involved in a range of malicious cyber activities. The group was designated by the Office of Foreign Assets Control (OFAC) on January 2, 2015, under Executive Order 13687 for being a controlled entity of the North Korean government. In addition
Passcv | Unspecified | 1 | PassCV is a threat actor, or hacking team, that has been identified as part of the Chinese intelligence apparatus. This group has operated under various names including Winnti, APT17, Axiom, LEAD, BARIUM, Wicked Panda, and GREF, indicating a broad and complex network of cyber operations. The group i
NOBELIUM | Unspecified | 1 | Nobelium, a threat actor linked to Russia's SVR, has been actively targeting French diplomatic entities as part of its cyber-espionage activities. The Advanced Persistent Threat (APT) group has utilized sophisticated techniques such as phishing and attempts to install Cobalt Strike, an advanced malw
Elfin | Unspecified | 1 | Elfin, also known by various names including Curious Serpens, Peach Sandstorm, APT33, HOLMIUM, MAGNALIUM, and REFINED KITTEN, is a significant threat actor with a track record of malicious cyber activities dating back to at least 2013. The group has been particularly active from 2016 to 2019, target
APT10 | Unspecified | 1 | APT10, also known as the Menupass Team, is a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). The group has been active since 2009 and is suspected to be based in Tianjin, China, according to research by IntrusionTruth in 2018. APT10 has primarily targeted
Sidewinder | Unspecified | 1 | The Sidewinder threat actor group, also known as Rattlesnake, BabyElephant, APT Q4, APT Q39, Hardcore Nationalist, HN2, RAZOR Tiger, and GroupA21, is a significant cybersecurity concern with a history of malicious activities dating back to 2012. This report investigates a recent campaign by Sidewind
BITTER | Unspecified | 1 | Bitter, also known as T-APT-17, is a suspected South Asian threat actor that has been involved in various cyber campaigns. The group has been active since at least August 2021, with its operations primarily targeting government personnel in Bangladesh through spear-phishing emails. The similarities
FIN12 | Unspecified | 1 | FIN12, also known as DEV-0237 and Pistachio Tempest, is a threat actor group notorious for its malicious cyber activities. Tracked by Microsoft, this group is primarily engaged in the distribution of Hive, Conti, and Ryuk ransomware. The group has been responsible for several high-profile ransomware
temp.hermit | Unspecified | 1 | Temp.Hermit, also known as Lazarus Group or Hidden Cobra, is a threat actor group associated with North Korea's Reconnaissance General Bureau (RGB). The group has been operational since 2013 and is known for its cyberespionage activities targeting governments and sectors such as defense, telecommuni
Covellite | Unspecified | 1 | None
Circuit Panda | Unspecified | 1 | Circuit Panda, also known as BlackTech, HUAPI, Manga Taurus, Palmerworm, Red Djinn, and Temp.Overboard, is a significant threat actor with a history of operating against targets in East Asia, particularly Taiwan, Japan, and Hong Kong since at least 2007. This group is part of a constellation of adva
APT37 | Unspecified | 1 | APT37, also known as ScarCruft, Reaper, or Group123, is a threat actor suspected to be linked to North Korea. It primarily targets South Korea but has also extended its activities to Japan, Vietnam, and the Middle East, focusing on various industry verticals such as chemicals, electronics, manufactu
Apt43 | Unspecified | 1 | APT43, also known as Kimsuky, is a North Korean state-sponsored advanced persistent threat (APT) group that has been actively involved in cybercrime and espionage. The group has been implicated in a series of attacks exploiting vulnerabilities, which have drawn the attention of various cybersecurity
Cageychameleon | Unspecified | 1 | None
Kimsuky | Unspecified | 1 | Kimsuky is a North Korea-linked advanced persistent threat (APT) group that conducts global cyber-attacks to gather intelligence for the North Korean government. The group has been identified as a significant threat actor, executing actions with malicious intent, and has recently targeted victims vi
TA505 | Unspecified | 1 | TA505, also known as Cl0p Ransomware Gang and Lace Tempest, is a highly active and sophisticated cybercriminal group. The group has been associated with various high-profile cyber-attacks, demonstrating adaptability through a multi-vector approach to their operations. In June 2023, the U.S. Cybersec
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Bluenoroff threat actor was read from the document corpus below. This display is limited to 20 results.
Source | Created At | Title
Securelist | 2 months ago | Non-mobile malware statistics, Q1 2024
CERT-EU | 5 months ago | Calendar Meeting Links Used To Spread Mac Malware - Slashdot
CERT-EU | 5 months ago | Hackers Exploit Calendly Links to Spread Malware on macOS
Krebs on Security | 5 months ago | Calendar Meeting Links Used to Spread Mac Malware
CERT-EU | 7 months ago | Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea
Securityaffairs | 7 months ago | Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea
CERT-EU | 7 months ago | New JaskaGO Malware Targets Mac and Windows for Crypto, Browser Data
CERT-EU | 7 months ago | Lazarus Group Exploits Log4j Flaw in New Malware Campaign
CERT-EU | 8 months ago | Is macOS as secure as its users think?
CERT-EU | 8 months ago | BlueNoroff: New Malware Attacking MacOS Users
CERT-EU | 8 months ago | U.S. Treasury Sanctions Eight Foreign-Based Agents and North Korean Kimsuky Attackers
CERT-EU | 8 months ago | BlueNoroff: new Trojan attacking macOS users – GIXtools
CERT-EU | 8 months ago | New BlueNoroff loader for macOS
CERT-EU | 8 months ago | North Korea's state hackers stole $3 billion in crypto since 2017
CERT-EU | 8 months ago | Kimsuky hacking group faces US sanctions
DARKReading | 8 months ago | macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks
CERT-EU | 8 months ago | UK, South Korea Warn of North Korea Supply-Chain Attacks
CERT-EU | 8 months ago | Microsoft: Lazarus hackers breach CyberLink in supply chain attack
CERT-EU | 8 months ago | North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
CERT-EU | 8 months ago | Poloniex loses over $100M in crypto heist