ID | Votes | Profile Description |
---|---|---|
APT37 | 8 | APT37, also known as ScarCruft, Reaper, or Group123, is a threat actor suspected to be linked to North Korea. It primarily targets South Korea but has also extended its activities to Japan, Vietnam, and the Middle East, focusing on various industry verticals such as chemicals, electronics, manufactu |
Reaper | 6 | Reaper, also known as APT37, Inky Squid, RedEyes, or ScarCruft, is a threat actor group attributed to North Korea. It deploys ROKRAT, a malicious tool that has been used in cyber exploitation since the 1970s. This group is also tied to the NOKKI malware family, which originated from research surroun |
Group123 | 3 | Group123, also known as Inky Squid or APT37, is a threat actor group suspected of executing malicious cyber activities. They are known for their technical capabilities and innovative intrusion techniques. Over the past 18 months, they have been associated with a series of attacks that utilize shellc |
Redeyes | 2 | RedEyes, also known as APT37, ScarCruft, Reaper, or BadRAT, is a threat actor group known for its malicious cyber activities. This group recently deployed a new malware named FadeStealer to extract information from targeted systems. They have also been observed using CloudMensis, a malware that seek |

ID | Type | Votes | Profile Description |
---|---|---|---|
ROKRAT | Unspecified | 5 | RokRAT is a sophisticated malware that has been used by the cyber-espionage group ScarCruft, primarily to target South Korean media and research organizations. The malware is typically delivered via phishing emails with ZIP file attachments containing LNK files disguised as Word documents. However, |
Opencarrot | Unspecified | 2 | OpenCarrot is a malicious software (malware) that targets Windows operating systems, enabling unauthorized access and control over infected machines. Identified by IBM X-Force, it has been linked to the activities of the Lazarus Group, a North Korean cyber threat operation known for its sophisticated |
BLUELIGHT | Unspecified | 2 | The BLUELIGHT malware, first observed in early 2021, was used as the final payload in a multistage attack. This attack involved a watering-hole assault on a South Korean online newspaper, an Internet Explorer exploit, and another ScarCruft backdoor. The attack process included multiple components li |

ID | Type | Votes | Profile Description |
---|---|---|---|
Kimsuky | Unspecified | 2 | Kimsuky, a threat actor linked to North Korea, has been increasingly active in conducting cyber espionage and malicious attacks. This group, also known as Springtail, ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, and APT43, was first identified by Kaspersky researchers in 2013. In recent de |
Lazarus Group | Unspecified | 2 | The Lazarus Group, also known as APT38, is a notorious threat actor believed to be backed by the North Korean regime. This group has been associated with several high-profile cyber attacks and thefts, including the infamous $600 million Ronin sidechain exploit in 2022. Known for their sophisticated |
Bluenoroff | Unspecified | 2 | BlueNoroff, a threat actor closely associated with the Lazarus hacking group, has been identified as a significant cybersecurity risk. Known for their financially motivated attacks, BlueNoroff targets banks, casinos, fintech companies, POST software and cryptocurrency businesses, and ATMs. They have |

ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2018-4878 | Unspecified | 2 | None |

Source Link | CreatedAt | Title | Preview |
---|---|---|---|
DARKReading | 5 months ago | DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse | |
BankInfoSecurity | 7 months ago | North Korean Group Seen Snooping on Russian Foreign Ministry | |
CERT-EU | 7 months ago | Konni RAT deployed via backdoored Russian government tool installer | |
Checkpoint | 8 months ago | 29th January – Threat Intelligence Report - Check Point Research | |
DARKReading | 8 months ago | North Korea's ScarCruft Attackers Gear Up to Target Cybersecurity Pros | |
CERT-EU | 9 months ago | Konni Malware Alert: Uncovering The Russian-Language Threat | |
CERT-EU | 10 months ago | Russian analysts point finger at China, North Korea over cyber activity | |
CERT-EU | a year ago | Understanding Advanced Persistent Threats | |
CERT-EU | a year ago | Trojanized VNC apps leveraged in defense-targeted Lazarus Group attacks | |
CERT-EU | a year ago | Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps | |
CERT-EU | a year ago | APT trends report Q3 2023 | |
DARKReading | a year ago | North Korea's State-Sponsored APTs Organize & Align | |
CERT-EU | a year ago | Virus Bulletin :: Teasing the secrets from threat actors: malware configuration extractors | |
CERT-EU | a year ago | North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers | |
CERT-EU | a year ago | FBI: DPRK cyber crooks may try to cash out $40m in crypto | |
CERT-EU | a year ago | North Korean Attackers Penetrated Russian Rocket Designer's Systems | |
CERT-EU | a year ago | Elite North Korean Hackers Breach Russian Missile Developer | |
CERT-EU | a year ago | Russian Missile Manufacturer Breached By North Korean Hackers | |
CERT-EU | a year ago | The Week in Security: Cloudflare Tunnels abuse ramps up, U.K. voter data exposed |