2025-02-10
0x0v1
Targeted Threats Research - South & North Korea (a breakdown of 3 years of threat research in Korea)
#APT37
#CVE-2022-41128
#Kimsuky
#RambleOn
#RokRAT
#UCID902
APT37
"APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expanded its targeting beyond the Korean peninsula to include Japan, Vietnam and the Middle East, and to a wider range of industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive and healthcare entities"
- malpedia, https://malpedia.caad.fkie.fraunhofer.de/actor/apt37
Also known as
Name | Named by | AKA | First seen | Last seen |
---|---|---|---|---|
APT-C-28 | Qihoo360 | ScarCruft | 2019-06-01 | 2024-04-23 |
APT37 | Mandiant | ScarCruft | 2018-02-20 | 2025-02-10 |
ATK4 | ThalesGroup | APT37 | 2019-10-07 | 2022-05-31 |
BlackShoggoth | PWC | APT37 | 2020-03-03 | 2021-02-28 |
G0067 | MITRE | APT37 | 2018-04-18 | 2018-04-18 |
Group123 | CiscoTalos | ScarCruft | 2018-01-16 | 2023-07-11 |
ITG10 | IBM | ScarCruft | 2021-10-23 | 2023-06-06 |
InkySquid | Volexity | ScarCruft | 2021-08-17 | 2023-01-04 |
NickelFoxcroft | SecureWorks | ScarCruft | - | 2024-10-08 |
RedEyes | Ahnlab | ScarCruft | 2018-02-21 | 2024-05-07 |
RicochetChollima | CrowdStrike | ScarCruft | 2019-02-19 | 2024-12-13 |
ScarCruft | Kaspersky | - | 2016-06-17 | 2025-01-20 |
TEMP.Reaper | Mandiant | ScarCruft | 2018-02-03 | 2024-04-09 |
금성121 | ESTSecurity | ScarCruft | 2018-07-04 | 2023-09-19 |