HIDDEN COBRA

Threat Actor Profile, updated 3 months ago
Hidden Cobra is the name the U.S. Government uses for malicious cyber activity conducted by the North Korean government, which the corpus attributes to the Reconnaissance General Bureau (RGB). Industry tracks the same activity as the Lazarus Group (Microsoft: Diamond Sleet, formerly ZINC; Mandiant: TEMP.Hermit), active since at least 2009. Narrower clusters sit under this umbrella: the BeagleBoyz, which CISA describes as the subset of Hidden Cobra activity focused on robbing banks, and BlueNoroff (Microsoft: Sapphire Sleet), which targets financial institutions and cryptocurrency businesses. Kimsuky, KONNI and APT37 are related North Korean clusters that the corpus links to Hidden Cobra but that vendors track as distinct groups.

The group's tactics, techniques and procedures (TTPs) are stable over time. The 2020 Operation North Star campaign reused lures built around the same defense contractors as operations from 2017, and its indicators pointed to the same kind of activity; the domain mireene.com and its various sub-domains were used by Hidden Cobra in that 2020 activity. FALLCHILL, a remote administration tool, is typically introduced onto a system as a file dropped by other Hidden Cobra malware. In the AppleJeus operations the actors initially used websites posing as legitimate cryptocurrency trading platforms to deliver trojanized applications; they have since diversified their initial infection vectors to include phishing, social networking and other social engineering that gets users to download the malware themselves.

Reporting from 2023 also places Hidden Cobra among the state actors conducting espionage and destructive attacks against the UAE, as part of global operations rather than activity driven primarily by regional geopolitics. In the Operation Dream Job campaign the group delivered trojanized Virtual Network Computing (VNC) applications to defense-industry and nuclear engineers under the pretext of job interviews. Separately, a trojanized CyberLink installer (a software supply chain attack reported by Microsoft in late 2023) was observed on over 100 devices in countries including Japan, Taiwan, Canada and the US. Hidden Cobra remains an active, ongoing threat.
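The mireene.com indicator above is the kind of item a detection engineer pulls out of a profile like this one. The following added example (not code from the page or from any vendor report) scans constructed DNS log lines for that domain and any of its sub-domains, while rejecting lookalikes such as a prefixed name or the indicator embedded inside another zone. The log format, client addresses and timestamps are assumptions made for the example.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Indicator taken from the profile: the domain and every sub-domain of it.
INDICATOR_DOMAINS = ("mireene.com",)

# Constructed sample DNS log (not real telemetry). Assumed line format:
#   <ISO timestamp> <client-ip> <queried-name> <query-type>
SAMPLE_DNS_LOG = """\
2020-07-01T08:12:03Z 10.0.4.21 www.example.com A
2020-07-01T08:12:09Z 10.0.4.21 update.mireene.com A
2020-07-01T08:13:44Z 10.0.5.7 MIREENE.COM. A
2020-07-01T08:14:02Z 10.0.4.21 notmireene.com A
2020-07-01T08:15:30Z 10.0.6.3 mireene.com.cdn.example.net A
2020-07-01T08:16:11Z 10.0.5.7 cdn.sub.mireene.com AAAA
"""

LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


@dataclass(frozen=True)
class Hit:
    timestamp: str
    client: str
    qname: str
    indicator: str


def normalize(name: str) -> str:
    """Lower-case and strip the trailing root dot, so 'MIREENE.COM.' == 'mireene.com'."""
    return name.strip().lower().rstrip(".")


def matches_domain(qname: str, indicator: str) -> bool:
    """True if qname is the indicator domain itself or a sub-domain of it.

    The label-boundary check ('.' + indicator) rejects 'notmireene.com'
    (lookalike prefix) and 'mireene.com.cdn.example.net' (indicator embedded
    in a different zone), both of which a plain substring search would flag.
    """
    q = normalize(qname)
    d = normalize(indicator)
    return q == d or q.endswith("." + d)


def scan_dns_log(text: str, indicators=INDICATOR_DOMAINS) -> list[Hit]:
    """Return one Hit per log line whose queried name matches any indicator."""
    hits: list[Hit] = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip blank or garbled lines instead of aborting the scan
        ts, client, qname, _qtype = m.groups()
        for ind in indicators:
            if matches_domain(qname, ind):
                hits.append(Hit(ts, client, normalize(qname), ind))
                break
    return hits


if __name__ == "__main__":
    for h in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"{h.timestamp} {h.client} -> {h.qname} (matches {h.indicator})")
```

Run against the constructed log it reports three hits (update.mireene.com, mireene.com and cdn.sub.mireene.com) from two clients and ignores the two lookalike names. Swap in your resolver or proxy logs and extend INDICATOR_DOMAINS with the sub-domains you obtain from the STIX export.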
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Name (votes): profile description

Lazarus Group (2 votes): The Lazarus Group, a notorious threat actor believed to be linked to North Korea, has been attributed with a series of significant cyber-attacks over the past few years. The group's malicious activities include the exploitation of digital infrastructure, stealing cryptocurrency, and executing large-

Diamond Sleet (2 votes): Diamond Sleet, a North Korea-linked Advanced Persistent Threat (APT), has been identified as a significant threat actor in the cybersecurity landscape. This group is known for its sophisticated supply chain attacks, specifically leveraging CyberLink software to execute their malicious activities. Th

Ants2whale (1 vote): Ants2Whale is a malicious software (malware) identified as the seventh version of AppleJeus, a notorious family of North Korean malware targeting cryptocurrency operations. First discovered in late 2020, Ants2Whale operates similarly to its predecessors, with its main function being to provide hacke

KONNI (1 vote): Konni is a malware, short for malicious software, that poses a significant threat to computer systems and data. It's designed to infiltrate systems surreptitiously through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, Konni can wreak havoc by stealin

ZINC (1 vote): Zinc, also known as Diamond Sleet, is a North Korea-based threat actor group that has been actively involved in cyberattacks on global media, defense, and IT industries. Microsoft's Threat Intelligence Center has been tracking the group's activities, which have included weaponizing open-source softw

AppleJeus (1 vote): AppleJeus is a notorious malware attributed to the North Korean APT Lazarus Group, designed primarily to steal cryptocurrency. This malicious software has been a key instrument in North Korea's financial theft operations, with threat groups pilfering $2.3 billion USD worth of crypto assets between M

BeagleBoyz (1 vote): The BeagleBoyz, also known as threat activity group 71 (TAG-71), is a significant cybersecurity threat actor with strong ties to the North Korean state-sponsored APT38. This group, recognized under various aliases such as Bluenoroff and Stardust Chollima, has been involved in extensive cyber operati

Bluenoroff (1 vote): BlueNoroff, a threat actor closely associated with the notorious Lazarus Group, has been actively involved in malicious cyber activities primarily targeting financial institutions and cryptocurrency businesses. Known for its sophisticated attacks on banks, casinos, fintech companies, POST software,

temp.hermit (1 vote): Temp.Hermit, also known as Lazarus Group or Hidden Cobra, is a threat actor group associated with North Korea's Reconnaissance General Bureau (RGB). The group has been operational since 2013 and is known for its cyberespionage activities targeting governments and sectors such as defense, telecommuni

Covellite (1 vote): no description

Kimsuky (1 vote): Kimsuky is a North Korea-linked advanced persistent threat (APT) group that conducts global cyber-attacks to gather intelligence for the North Korean government. The group has been identified as a significant threat actor, executing actions with malicious intent, and has recently targeted victims vi

APT37 (1 vote): APT37, also known as ScarCruft, Reaper, or Group123, is a threat actor suspected to be linked to North Korea. It primarily targets South Korea but has also extended its activities to Japan, Vietnam, and the Middle East, focusing on various industry verticals such as chemicals, electronics, manufactu

Sapphire Sleet (1 vote): Sapphire Sleet is a threat actor, or malicious entity, that is linked to North Korea. This group has been identified as an Advanced Persistent Threat (APT), known for executing sophisticated and continuous cyberattacks. Sapphire Sleet has been particularly active in targeting IT job seekers through
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware, Exploit, DDoS, APT, Trojan, Worm, Dropper, Cybercrime, Proxy, Operation Dr..., exploitation, Reconnaissance, Phishing, T1587.001, Botnet, Encryption, Korean, Celas Trade ..., UAE, Microsoft, RAT, State Sponso...
Associated Malware
Name (type, votes): profile description

Cobra (type unspecified, 2 votes): Cobra is a type of malware, short for malicious software, designed to exploit and damage computer systems or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Cobra has the potential to steal personal information, disrup

WannaCry (type unspecified, 2 votes): WannaCry is a type of malware, specifically ransomware, that caused significant global disruption in 2017. It exploited Windows SMBv1 Remote Code Execution Vulnerabilities (CVE-2017-0144, CVE-2017-0145, CVE-2017-0143), which allowed it to spread rapidly and infect over 200,000 machines across more t

TYPEFRAME (type unspecified, 1 vote): Typeframe is a notorious malware variant known for its damaging potential. It was designed to exploit and harm computers or devices by infiltrating systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt o

Volgmer (type unspecified, 1 vote): Volgmer is a backdoor Trojan malware, designed to provide covert access to a compromised system. Developed by the Lazarus Group, it has been used as a conduit for serving backdoors to control infected systems. This malware has been observed in 32-bit form as either executables or dynamic-link librar

FALLCHILL (type unspecified, 1 vote): FALLCHILL is a malicious software (malware) typically introduced into a system as a file dropped by other HIDDEN COBRA malware. It has been linked to the North Korea-associated Lazarus APT group, who notably utilized a MacOS variant of the malware for the first time. The cybersecurity company that r

BLINDINGCAN (type unspecified, 1 vote): BlindingCan, also known as AIRDRY or ZetaNile, is a multifaceted malware capable of extracting sensitive data from compromised hosts. The threat actor gained initial access to systems via spear-phishing attacks masquerading as recruiters for high-profile companies and deployed new malware dubbed "Li

Kupay Wallet (type unspecified, 1 vote): Kupay Wallet is a malicious software (malware) identified as part of the AppleJeus Version 4 malware family, developed and deployed by North Korean hackers, referred to by the U.S. government as HIDDEN COBRA. The malware was developed between March 2018 and September 2020, alongside other malicious

Mars (type unspecified, 1 vote): Mars is a malicious software (malware) that has been discovered by Trend Micro's Mobile Application Reputation Service (MARS) team. This malware is particularly damaging as it involves two new Android malware families related to cryptocurrency mining and financially-motivated scam campaigns, targeti

Dorusio (type unspecified, 1 vote): Dorusio is a malware application that is part of the "AppleJeus" family, a group of malicious cryptocurrency applications developed by North Korean hackers, also known as HIDDEN COBRA. The Dorusio program, which mimics an open-source cryptocurrency wallet application, was developed alongside other m

Cryptoneuro Trader (type unspecified, 1 vote): CryptoNeuro Trader is a malicious software (malware) that has been used to target and exploit hundreds of cryptocurrency companies, leading to the theft of tens of millions of dollars' worth of cryptocurrency. Notable incidents include the theft of $75 million from a Slovenian company in December 20
Associated Threat Actors
Name (type, votes): profile description

Rgb (type unspecified, 1 vote): RGB, a threat actor with ties to North Korea, has been involved in a range of malicious cyber activities. The group was designated by the Office of Foreign Assets Control (OFAC) on January 2, 2015, under Executive Order 13687 for being a controlled entity of the North Korean government. In addition

Reconnaissance General Bureau Rgb (type unspecified, 1 vote): The Reconnaissance General Bureau (RGB) is a North Korean military intelligence agency identified as a threat actor responsible for various cyberattacks. RGB is associated with hacking groups known as the "Lazarus Group," "Bluenoroff," and "Andariel," which are recognized as agencies or controlled e
Associated Vulnerabilities
No associations to display
Source Document References
Information about the HIDDEN COBRA Threat Actor was read from the documents corpus below. This display is limited to 20 results.
Source (created): title

DARKReading (4 months ago): 150K+ UAE Network Devices & Apps Exposed Online
MITRE (7 months ago): Operation (노스 스타) North Star A Job Offer That's Too Good to be True? | McAfee Blog
InfoSecurity-magazine (8 months ago): North Korea Blamed For CyberLink Supply Chain Attacks
CERT-EU (9 months ago): Trojanized VNC apps leveraged in defense-targeted Lazarus Group attacks
CERT-EU (9 months ago): Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
CERT-EU (10 months ago): Lazarus APT Exploiting LinkedIn to Target Spanish Aerospace Firm
CERT-EU (10 months ago): Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CERT-EU (10 months ago): Connect the Dots on State-Sponsored Cyber Incidents - Lazarus Group
MITRE (a year ago): HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL | CISA
MITRE (a year ago): BLINDINGCAN Remote Access Trojan - NHS Digital
MITRE (a year ago): MAR-10135536-12 – North Korean Trojan: TYPEFRAME | CISA
MITRE (a year ago): MAR-10271944-1.v1 – North Korean Trojan: HOTCROISSANT | CISA
MITRE (a year ago): HIDDEN COBRA – North Korea's DDoS Botnet Infrastructure | CISA
MITRE (a year ago): North Korean Advanced Persistent Threat Focus: Kimsuky | CISA
MITRE (a year ago): FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks | CISA
MITRE (a year ago): AppleJeus: Analysis of North Korea's Cryptocurrency Malware | CISA
Kryptos Logic (a year ago): A Brief Look At North Korean Cryptography
MITRE (a year ago): HIDDEN COBRA – North Korean Trojan: Volgmer | CISA
ESET (a year ago): WinorDLL64: A backdoor from the vast Lazarus arsenal? | WeLiveSecurity