
APT38


State-backed: North Korean

Associated Groups: Lazarus Group, Operation DarkSeoul, Dark Seoul, Hidden Cobra, Hastati Group, Andariel, Unit 121, Bureau 121, NewRomanic Cyber Army Team, Bluenoroff, Subgroup: Bluenoroff, Group 77, Labyrinth Chollima, Operation Troy, Operation GhostSecret, Operation AppleJeus, Stardust Chollima, Whois Hacking Team, Zinc, Appleworm, Nickel Academy, APT-C-26, NICKEL GLADSTONE

Estimated time of origin: 2009

Target: Various industries, primarily in South Korea, though also in Japan, Vietnam and the Middle East

Strategy:

Malware: various

Noteworthy:

  • Reportedly responsible for the November 2014 Sony breach.
