ioc[.]one - OSINT Cyber Threat Intelligence Database

North Korean Cyberattacks: A Dangerous and Evolving Threat

Show in Graph

Common Information

Type	Value
UUID	6699da6e-da87-4bed-a732-604d0cc50dd8
Fingerprint	d79bb554d5ec5a3490ae5aeb0fbcc230a453241e21f280c4aa4b8435de6b0baf
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 2, 2021, 9:04 a.m.
Added to db	May 13, 2024, 4:21 p.m.
Last updated	Aug. 31, 2024, 6:30 a.m.
Headline	North Korean Cyberattacks: A Dangerous and Evolving Threat
Title	North Korean Cyberattacks: A Dangerous and Evolving Threat
Detected Hints/Tags/Attributes	340/3/280

Source URLs

	Redirection	Url
Details	Source	https://www.heritage.org/sites/default/files/2021-09/SR247.pdf

URL Provider

Details	Provider	Source level domain
Details	heritage.org	www.heritage.org

Attributes

Details	Type	#Events	Value
Details	Domain	1	report.heritage.org
Details	Domain	3	heritage.org
Details	Domain	1	en.yna.co.kr
Details	Domain	12	www.dni.gov
Details	Domain	1	www.38north.org
Details	Domain	4	ccdcoe.org
Details	Domain	1	keia.org
Details	Domain	3	www.koreaherald.com
Details	Domain	6	digital-commons.usnwc.edu
Details	Domain	1	english.chosun.com
Details	Domain	4	undocs.org
Details	Domain	2	oec.world
Details	Domain	2	www.bok.or.kr
Details	Domain	3	view.do
Details	Domain	124	www.nytimes.com
Details	Domain	13	blog.chainalysis.com
Details	Domain	111	www.justice.gov
Details	Domain	338	kaspersky.com
Details	Domain	1	www2.cso.com.au
Details	Domain	47	go.recordedfuture.com
Details	Domain	1	asiatimes.com
Details	Domain	184	www.fireeye.com
Details	Domain	49	home.treasury.gov
Details	Domain	2	www.swift.com
Details	Domain	11	www.congress.gov
Details	Domain	1	iiotconnection.com
Details	Domain	7	www.law.cornell.edu
Details	Domain	469	www.cisa.gov
Details	Domain	3	www.heritage.org
Details	Domain	1	cnas.org
Details	Domain	10	www.atlanticcouncil.org
Details	Domain	1	www.occ.treas.gov
Details	Domain	5	www.fincen.gov
Details	Domain	37	www.cnbc.com
Details	Domain	12	www.mofa.go.jp
Details	Domain	1	www.undocs.org
Details	Domain	1	www.mnd.go.kr
Details	Domain	14	time.com
Details	Domain	1	www.eurasiareview.com
Details	Domain	6	www.voanews.com
Details	Domain	17	www.nbcnews.com
Details	Domain	24	www2.fireeye.com
Details	Domain	154	us-cert.cisa.gov
Details	Domain	25	content.fireeye.com
Details	Domain	1	russiancouncil.ru
Details	Domain	9	www.operationblockbuster.com
Details	Domain	138	www.darkreading.com
Details	Domain	23	paper.seebug.org
Details	Domain	101	www.group-ib.com
Details	Domain	83	www.theguardian.com
Details	Domain	5	www.csmonitor.com
Details	Domain	1	www.gpsworld.com
Details	Domain	103	www.mcafee.com
Details	Domain	216	www.symantec.com
Details	Domain	1	koreajoongangdaily.joins.com
Details	Domain	112	docs.google.com
Details	Domain	22	www.cbsnews.com
Details	Domain	403	securelist.com
Details	Domain	31	nytimes.com
Details	Domain	1	www.popularmechanics.com
Details	Domain	9	www.boannews.com
Details	Domain	10	global.ahnlab.com
Details	Domain	8	redalert.nshc.net
Details	Domain	37	blog.alyac.co.kr
Details	Domain	133	www.infosecurity-magazine.com
Details	Domain	21	cyware.com
Details	Domain	175	www.zdnet.com
Details	Domain	18	usa.kaspersky.com
Details	Domain	17	cyberscoop.com
Details	Domain	145	threatpost.com
Details	Domain	177	www.wired.com
Details	Domain	3	variety.com
Details	Domain	1	fivethirtyeight.com
Details	Domain	2	deadline.com
Details	Domain	151	www.bbc.com
Details	Domain	3	www.thetimes.co.uk
Details	Domain	1	www.eyerys.com
Details	Domain	19	money.cnn.com
Details	Domain	30	fortune.com
Details	Domain	1	www.newsbytesapp.com
Details	Domain	2	www.korea.kr
Details	Domain	2	pressreleaseview.do
Details	Domain	27	apnews.com
Details	Domain	44	www.bloomberg.com
Details	Domain	123	www.reuters.com
Details	Domain	26	www.technologyreview.com
Details	Domain	3	cryptocurrencynews.com
Details	Domain	41	blogs.microsoft.com
Details	Domain	35	www.cnn.com
Details	Domain	43	www.cyberscoop.com
Details	Domain	1	freekorea.us
Details	Domain	6	www.nknews.org
Details	File	2	2019-ata-sfr---ssci.pdf
Details	File	1	2020-0228_ska_nk-cyber-operations.pdf
Details	File	1	cycon_2019_book.pdf
Details	File	1	kei_aps_mansourov_final.pdf
Details	File	73	view.php
Details	File	1	2013110501790.html
Details	File	2	north-korea-hacking-cyber-sony.html
Details	File	2	www2.cs
Details	File	2	apt38-details-on-new-north-korean-regime-backed-threat-group.html
Details	File	1	cta-2020-0209.pdf
Details	File	3	north-korean-actors-spear-phish-us-electric-companies.html
Details	File	2	dprk_cyber_threat_advisory_20200415.pdf
Details	File	5	www.swift
Details	File	1	sif_201912.pdf
Details	File	1	2015_1.pdf
Details	File	1	north-korea-ib-v3.pdf
Details	File	1	index-bsa.html
Details	File	1	312factsheet.pdf
Details	File	1	page3e_001008.html
Details	File	1	pblictnebook_201908070153390840.pdf
Details	File	1	hpsr_securitybriefing_episode16_northkorea.pdf
Details	File	1	151216_cha_northkoreascyberoperationsweb.pdf
Details	File	6	rpt_apt37.pdf
Details	File	1	riac-cybernorthkorea-en.pdf
Details	File	9	operation-blockbuster-report.pdf
Details	File	1	dissecting-operation-troy.pdf
Details	File	252	www.cs
Details	File	1	-2011.pdf
Details	File	13	article.aspx
Details	File	1	2011050600827.html
Details	File	1	05korea.html
Details	File	1	2012051101175.html
Details	File	1	north-korea-hack-war-plans.html
Details	File	1	2021062101201.html
Details	File	1	north-korean-hackers-target-us-electric-companies-with-malicious-emails.html
Details	File	13	view.asp
Details	File	2	96_eng.pdf
Details	File	384	www.inf
Details	File	3	rp-operation-sharpshooter.pdf
Details	File	1	north-korea-hackers-israel.html
Details	File	1	20210708190700374.html
Details	File	816	index.html
Details	File	1	19-5068-1800815.pdf
Details	File	1	show_temp-76-1.pdf
Details	File	1	3b23f616-a02b-11ea-b5c9-570a91917d8d_story.html
Details	File	1	mun-chol-myong-indictment.pdf
Details	md5	1	f6822f1313e2499883348a5615d2dbed
Details	md5	1	6E2FAD8DB7F6B3568525844E004D7A26
Details	Threat Actor Identifier - APT	144	APT38
Details	Threat Actor Identifier - APT	277	APT37
Details	Threat Actor Identifier by Red Alert	1	SectorS63
Details	Threat Actor Identifier by Red Alert	50	SectorA05
Details	Url	1	https://en.yna.co.kr/view
Details	Url	2	https://www.dni.gov/files/odni/documents/2019-ata-sfr---ssci.pdf
Details	Url	1	https://www.38north.org/wp-content/uploads/pdf/2020-0228_ska_nk-cyber-operations.pdf
Details	Url	1	https://ccdcoe.org/uploads
Details	Url	1	http://keia.org/sites/default/files/publications/kei_aps_mansourov_final.pdf
Details	Url	1	http://www.koreaherald.com/view.php?ud=
Details	Url	1	https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?article=1462&context=nwc
Details	Url	1	http://english.chosun.com/site/data/html_dir/2013/11/05
Details	Url	1	http://undocs.org/s/2019/691
Details	Url	1	https://oec.world/en/profile/country/prk
Details	Url	1	https://www.bok.or.kr/eng/bbs/e0000634/view.do?nttid=
Details	Url	2	https://www.nytimes.com/2017/10/15/world/asia/north-korea-hacking-cyber-sony.html
Details	Url	1	https://blog.chainalysis.com/reports/lazarus-group-kucoin-exchange-hack
Details	Url	6	https://www.justice.gov/opa/press-release/file/1092091/download
Details	Url	1	https://www.justice.gov/opa/pr/three-north-korean-military-hackers-indicted-wide-ranging-scheme-commit-cyberattacks
Details	Url	2	https://www.justice.gov/opa/pr/two-chinese-nationals-charged-laundering-over-100-million-cryptocurrency-exchange-hack
Details	Url	1	https://www.zdnet.com/article/north-korean-hackers-infiltrate-chiles-atm-network-after-skype-job-interview
Details	Url	1	https://www2.cso.com.au
Details	Url	1	https://www.fireeye.com/blog/threat-research/2018/10/apt38-details-on-new-north-korean-regime-backed-threat-group.html
Details	Url	1	https://go.recordedfuture.com/hubfs/reports/cta-2020-0209.pdf
Details	Url	1	https://asiatimes.com/2021/03/kims-cyber
Details	Url	1	https://asiatimes.com/2021/02/cyber-warriors-glimpse-into-kims-operation-chaos
Details	Url	1	https://www.fireeye.com/blog/threat
Details	Url	1	https://home.treasury.gov/system/files
Details	Url	1	https://www.swift.com/sites/default/files
Details	Url	1	https://www.congress.gov/bill/116th-congress/house-bill/6395/text
Details	Url	1	https://www.law.cornell.edu/uscode/text/6/chapter-6/subchapter-i
Details	Url	1	https://www.cisa.gov/sites/default/files
Details	Url	1	https://www.heritage.org/cybersecurity/report/additional-liability-protections-are-needed-against
Details	Url	1	https://www.lawfareblog.com/how-national-cyber-director-position-going-work-frequently-asked-questions
Details	Url	1	https://www.fincen.gov/news/news-releases/fincen-launches-fincen-exchange-enhance-public-private-information-sharing
Details	Url	1	https://www.atlanticcouncil.org/wp-content/uploads/2021/03/north-korea-ib-v3.pdf
Details	Url	2	https://www.congress.gov
Details	Url	1	https://freekorea.us/2020/03/doj-indicts-2-chinese-men-for-laundering-stolen-south-korean-bitcoin-for-north-korean-hackers
Details	Url	1	https://nationalinterest.org/blog/korea-watch/america-must-take-north-koreas-cyber-warfare-capabilities-seriously-174141
Details	Url	1	https://www.occ.treas.gov/topics/supervision
Details	Url	1	https://www.fincen.gov/sites
Details	Url	1	https://www.lawfareblog.com/long-arm-us-law-patriot-act-anti-money-laundering-act-2020-and-foreign-banks
Details	Url	1	https://www.heritage.org/cybersecurity/report/cybersecurity-national-policies-and-practices
Details	Url	1	http://www.cnbc.com/id/101974720
Details	Url	1	https://www.mofa.go.jp/na/fa/page3e_001008.html
Details	Url	1	https://www.mnd.go.kr/user/mnden/upload/pblictn
Details	Url	1	https://time.com/wp-content/uploads/2014/12/hpsr_securitybriefing_episode16_northkorea.pdf
Details	Url	1	https://www.eurasiareview.com/25092020-north-koreas-evolving-cyber-warfare-strategy-analysis
Details	Url	1	https://www.voanews.com/east-asia-pacific
Details	Url	1	https://www.nbcnews.com/id/wbna31866018
Details	Url	1	https://www.mcafee
Details	Url	1	https://csis-prod.s3
Details	Url	1	https://home.treasury.gov/news/press-releases/sm774
Details	Url	6	https://www2.fireeye.com/rs/848-did-242/images/rpt_apt37.pdf
Details	Url	2	https://us-cert.cisa.gov/ncas/alerts/aa20-301a
Details	Url	4	https://content.fireeye.com/apt/rpt-apt38
Details	Url	1	https://russiancouncil.ru/papers/riac-cybernorthkorea-en.pdf
Details	Url	3	https://www.operationblockbuster.com/wp-content
Details	Url	1	https://www.darkreading.com/threat-intelligence/sony-hackers-behind
Details	Url	2	https://www.group-ib.com/blog/lazarus
Details	Url	1	http://www.theguardian.com/world/2009/jul/08/south-korea-cyber-attack
Details	Url	1	https://www.csmonitor.com/world/security-watch
Details	Url	1	https://www.gpsworld.com/massive-gps-jamming-attack-by-north-korea
Details	Url	1	https://www.mcafee.com/wp-content/uploads/2011/07/mcafee-labs-10-days-of-rain-july
Details	Url	1	http://www.symantec.com/connect/blogs/four-years-darkseoul-cyberattacks-against-south
Details	Url	1	http://english.chosun.com/site/data/html_dir/2011/05
Details	Url	1	https://www.nytimes.com/2011/08/05/world/asia/05korea.html
Details	Url	1	http://english.chosun.com/site/data/html_dir/2012/05/11/2012051101175.html
Details	Url	1	https://koreajoongangdaily.joins.com/news
Details	Url	1	https://www.donga.com/en/list/article/all/20120605/403965/1/n-korea-uses-coordinates-to-threaten-sk-media-outlets
Details	Url	1	https://docs.google.com/file/d/0b6ck
Details	Url	1	https://www.cbsnews.com/news/north-korean-cyberattack-on-sony-60
Details	Url	1	https://securelist.com/the-kimsuky
Details	Url	1	https://koreajoongangdaily.joins.com/news/article/article.aspx?aid=
Details	Url	1	http://www.koreaherald.com
Details	Url	1	https://www.popularmechanics.com/military/weapons
Details	Url	2	https://www.cnn
Details	Url	1	http://english.chosun.com/site/data/html_dir/2021/06/21/2021062101201.html
Details	Url	1	https://www.cnbc.com/2017
Details	Url	1	https://www.boannews.com
Details	Url	4	https://unit42.paloaltonetworks
Details	Url	1	https://global.ahnlab.com/global/upload
Details	Url	1	https://redalert.nshc.net/2019/01/30
Details	Url	2	https://blog.alyac.co.kr/2234
Details	Url	3	https://blog.alyac.co.kr/2243
Details	Url	1	https://www.infosecurity-magazine.com/news/stolen
Details	Url	4	https://www.mcafee.com
Details	Url	1	https://cyware.com/news/operation-sharpshooter-attacks
Details	Url	1	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/global-malware-campaign-pilfers-data-from-critical-infrastructure-entertainment
Details	Url	1	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/hidden-cobra-targets-turkish-financial-sector-new
Details	Url	4	https://www.zdnet.com/article
Details	Url	1	https://www.cyberscoop
Details	Url	1	https://usa.kaspersky.com/about/press-releases
Details	Url	1	https://www.nytimes.com/2020/08/12/world/middleeast/north-korea-hackers-israel.html?referringsource=articleshare
Details	Url	1	https://threatpost.com/north
Details	Url	1	https://www.wired.com/story/north
Details	Url	1	https://koreajoongangdaily.joins.com/2021
Details	Url	1	https://variety.com/2014
Details	Url	1	http://www.law.cornell.edu/uscode/text/18/2331
Details	Url	1	https://www.dailymail.co.uk/news/article-2668733/north-korean-agricultural-workers-vow-revenge-u-s-rally-eve-korean-war-anniversary
Details	Url	1	http://fivethirtyeight.com/datalab/killing-the
Details	Url	1	https://deadline.com/2014
Details	Url	1	https://www.bbc.com/news/technology
Details	Url	1	http://www.thetimes.co.uk/tto/news/world
Details	Url	1	http://koreajoongangdaily.joins.com/news/article/article.aspx?aid=2998926
Details	Url	1	http://www.theguardian.com
Details	Url	1	https://www.eyerys.com/articles/timeline/wannacry-infecting-more-230000-computers-99
Details	Url	1	https://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses
Details	Url	1	https://money.cnn.com/2017/08/03
Details	Url	1	https://www.justice.gov/opa/press-release/file/1367701/download
Details	Url	1	https://fortune.com/2016/06
Details	Url	1	https://www.newsbytesapp.com/news/business/how
Details	Url	1	https://www.korea.kr/news/pressreleaseview.do?newsid=156144599&pageindex=1
Details	Url	1	https://apnews.com/article
Details	Url	2	https://us-cert.cisa.gov/ncas/alerts/ta18-275a
Details	Url	1	https://www.securonix.com/securonix-threat-research-cosmos-bank-swift-atm-us13-5-million-cyber-attack-detection-using
Details	Url	1	https://www.wired.com/story/how-north-korea-robs-banks-around-world
Details	Url	1	https://us-cert.cisa.gov/ncas/alerts/aa20-239a
Details	Url	6	https://www.bloomberg.com/news
Details	Url	1	https://www.reuters.com/article/us-chile-banks
Details	Url	1	https://www.technologyreview.com/2020/01/24/276082/lazarus-group-dragonex-chainalysis
Details	Url	1	https://cryptocurrencynews.com
Details	Url	1	https://www.cyfirma.com/early-warning/global-covid-19-related-phishing-campaign-by-north-korean-operatives-lazarus-group-exposed-by
Details	Url	1	https://www.wsj.com/articles/north-korean-hackers-are-said-to-have-targeted-companies-working-on-covid-19-vaccines
Details	Url	1	https://blogs.microsoft.com/on-the-issues/2020/11/13
Details	Url	1	https://usa.kaspersky.com/about/press-releases/2020_kaspersky-reveals-two-lazarus
Details	Url	1	https://www.cnn.com/2021/02/17/asia/north-korea-pfizer-intl-hnk/index.html
Details	Url	2	https://us-cert.cisa.gov/northkorea
Details	Url	1	https://www.federalregister
Details	Url	1	https://home.treasury
Details	Url	1	https://www.cadc.uscourts.gov/internet/opinions.nsf/6e2fad8db7f6b3568525844e004d7a26/$file/19-5068-1800815.pdf
Details	Url	5	https://www.cyberscoop.com
Details	Url	1	https://freekorea.us/wp-content/uploads/2020/05/show_temp-76-1.pdf
Details	Url	1	https://www.washingtonpost.com/local/legal-issues/us-brings-largest-ever-n-korean-sanctions-case-targeting
Details	Url	1	https://us-cert.cisa.gov/ncas/analysis-reports/ar20-232a
Details	Url	1	https://www.justice.gov/opa/pr/united-states-files-complaint-forfeit-280-cryptocurrency-accounts-tied
Details	Url	1	https://www.nbcnews.com/news/world/secret-documents-show-how-north-korea-launders-money-through-u-n1240329
Details	Url	1	https://us-cert.cisa.gov/ncas/alerts/aa21-048a
Details	Url	1	https://www.justice.gov/opa/pr/first-north-korean-national-brought-united-states-stand-trial-money-laundering-offenses
Details	Url	1	https://www.nknews.org/wp-content/uploads/2021/03/mun-chol-myong-indictment.pdf?t=1624377604227