Common Information
Type Value
Value APT43
Category Actor
Type Threat-Actor
Misp Type Cluster
Description
• APT43 is a prolific cyber operator that supports the interests of the North Korean regime. The group combines moderately-sophisticated technical capabilities with aggressive social engineering tactics, especially against South Korean and U.S.-based government organizations, academics, and think tanks focused on Korean peninsula geopolitical issues.
• In addition to its espionage campaigns, we believe APT43 funds itself through cybercrime operations to support its primary mission of collecting strategic intelligence.
• The group creates numerous spoofed and fraudulent personas for use in social engineering, as well as cover identities for purchasing operational tooling and infrastructure.
• APT43 has collaborated with other North Korean espionage operators on multiple operations, underscoring the major role APT43 plays in the regime’s cyber apparatus.
Details Published Attributes CTI Title
Details Website 2023-10-18 4 Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
Details Website 2023-10-10 14 Assessed Cyber Structure and Alignments of North Korea in 2023 | Mandiant
Details Website 2023-09-28 7 Anticipating File-Borne Threats: How Deep File Inspection Technology Will Shape the Future of Cyber Defense - InQuest
Details Website 2023-08-17 2 Threat Actors are Interested in Generative AI, but Use Remains Limited | Mandiant
Details Website 2023-07-25 4 North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder
Details Website 2023-07-25 6 APT Profile: Kimsuky - SOCRadar® Cyber Intelligence Inc.
Details Website 2023-07-25 4 JumpCloud hack linked to North Korea after OPSEC mistake - RedPacket Security
Details Website 2023-07-24 61 North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack | Mandiant
Details Website 2023-07-24 4 JumpCloud hack linked to North Korea after OPSEC mistake
Details Website 2023-06-15 1 Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
Details Website 2023-06-15 1 Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency - RedPacket Security
Details Website 2023-06-09 1 North Korea’s social engineering threat not going away
Details Website 2023-06-08 3 New Kimsuky social engineering attack can be used to hack anyone
Details Website 2023-06-08 9 Target of North Korean APT attack spills details of recent Kimsuky campaign
Details Website 2023-06-07 1 North Korean Hackers Mimic Journalists To Steal Credentials From Organizations | IT Security News
Details Website 2023-06-07 1 North Korean Hackers Mimic Journalists To Steal Credentials From Organizations
Details Website 2023-06-07 1 North Korean APT Group Kimsuky Expands Social Engineering Tactics
Details Website 2023-06-06 1 North Korean hackers impersonated journalists to gather intel from academics and think tanks
Details Website 2023-06-05 1 US & South Korea Issue Joint Warning on North Korea's Spearphishing Attacks; Rob Joyce Quoted
Details Website 2023-06-03 1 Kimsuky APT poses as journalists and broadcast writers in its attacks
Details Website 2023-06-03 1 DPRK’s Social Engineering Campaign Targets Think Tanks, Academia, and Media
Details Website 2023-06-02 1 North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks - RedPacket Security
Details Website 2023-06-02 1 North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
Details Website 2023-06-02 1 NSA and FBI: Kimsuky hackers pose as journalists to steal intel