UNC4899

Threat Actor updated a month ago (2024-09-10T04:18:40.843Z)
UNC4899, also known as Slow Pisces, TraderTraitor, and Jade Sleet, is a threat actor group that has been identified as a significant cybersecurity concern. This group has primarily targeted companies operating in the blockchain and cryptocurrency sectors, deploying sophisticated spear-phishing attacks to compromise their systems. UNC4899 has been linked to several high-profile cyber-attacks, including the infamous JumpCloud hack that occurred in late June 2023. The group's activities are not confined to a single geographical region or industry, making it a global threat to digital security.

The group has been traced back to North Korea's Reconnaissance General Bureau (RGB), according to investigations conducted by Google's Mandiant. Mandiant's findings suggest with high confidence that UNC4899 operates under the auspices of the RGB, aligning its activities with the strategic interests of the Democratic People’s Republic of Korea (DPRK). This connection signifies a state-sponsored element to the group's operations, adding an additional layer of complexity and seriousness to the threats posed by UNC4899.

Despite the various aliases used by this group, there seems to be a consensus among cybersecurity experts about the nature of the threat posed by UNC4899. The group's focus on blockchain and cryptocurrency companies indicates a potential interest in financial gain or disruption of these burgeoning industries. As the group's tactics and capabilities become more apparent, it is crucial for organizations, particularly those in targeted sectors, to take proactive measures to protect themselves from potential attacks.
Description last updated: 2024-09-10T03:19:49.592Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias description: Jade Sleet is a possible alias for UNC4899. Jade Sleet, also known as TraderTraitor and UNC4899, is a North Korean state-sponsored threat actor that primarily targets blockchain and cryptocurrency companies. GitHub has expressed "high confidence" that this group is behind an ongoing campaign targeting personal user accounts associated with bl
Votes: 2
Source Document References
Information about the UNC4899 Threat Actor was read from the documents corpus below. This display is limited to 20 results.