Threat Group Cards: A Threat Actor Encyclopedia

APT group: [Unnamed groups: North Korea]

Names	[Unnamed groups: North Korea] (?)
Country	North Korea
Motivation	Information theft and espionage
First seen	2019
Description	These are reported APT activities attributed to a country, but not to an individual threat group.
Observed	Countries: France, USA.
Tools used
Operations performed	Aug 2019	Suspected North Korean Cyber Espionage Campaign Targets Multiple Foreign Ministries and Think Tanks <https://www.anomali.com/blog/suspected-north-korean-cyber-espionage-campaign-targets-multiple-foreign-ministries-and-think-tanks#When:14:00:00Z>
Counter operations	Jan 2019	Justice Department Announces Court-Authorized Efforts to Map and Disrupt Botnet Used by North Korean Hackers <https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-efforts-map-and-disrupt-botnet-used-north>
Information	<https://www.us-cert.gov/ncas/current-activity/2020/02/14/north-korean-malicious-cyber-activity> <https://www.us-cert.gov/ncas/alerts/aa20-106a> <https://www.us-cert.gov/ncas/current-activity/2020/05/12/north-korean-malicious-cyber-activity> <https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-187a> <https://www.us-cert.gov/ncas/current-activity/2018/08/09/North-Korean-Malicious-Cyber-Activity> <https://www.us-cert.gov/ncas/current-activity/2019/09/09/north-korean-malicious-cyber-activity> <https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/MTAC-East-Asia-Report.pdf>

Last change to this card: 22 April 2024

Download this actor card in PDF or JSON format