2024-10-29
SecurityScorecard
The Job Offer That Wasn’t: How We Stopped an Espionage Plot
#BeaverTail
#FamousChollima
#InvisibleFerret
FamousChollima
"Formerly tracked by CrowdStrike Intelligence as the BadClone activity cluster, FAMOUS CHOLLIMA has been active since at least 2018. The adversary primarily conducts operations to illicitly obtain freelance or full-time equivalent (FTE) work to earn a salary that can be funneled to North Korea. The adversary has also deployed the custom malware families BeaverTail and InvisibleFerret as well as rem..."
- CrowdStrike, https://www.crowdstrike.com/adversaries/famous-chollima/
Also known as
Name | Named by | AKA | First seen | Last seen |
---|---|---|---|---|
FamousChollima | CrowdStrike | - | 2024-08-07 | 2024-10-29 |
NickelTapestry | SecureWorks | FamousChollima | 2024-10-16 | 2024-10-16 |
TenaciousPungsan | Datadog | FamousChollima | 2024-10-24 | 2024-10-24 |
UNC5267 | Mandiant | FamousChollima | 2024-09-23 | 2024-09-23 |