2024-12-13
PolySwarm
2024 Recap - North Korean Threat Actor Activity
#MoonstoneSleet
#FamousChollima
#LabyrinthChollima
#RicochetChollima
#SilentChollima
#StardustChollima
#VelvetChollima
SilentChollima
"SILENT CHOLLIMA is a Democratic People’s Republic of Korea (DPRK) adversary that has been active since at least 2009 and likely operates in support of Bureau 121 of the DPRK’s Reconnaissance General Bureau (RGB). Early operations demonstrated both destructive and espionage components; however, SILENT CHOLLIMA’s mission appears to have changed in 2015 following a significant reorganization of the D..."
- CrowdStrike, https://www.crowdstrike.com/adversaries/silent-chollima/
Also known as
| Name | Named by | AKA | First seen | Last seen |
|---|---|---|---|---|
| APT45 | Mandiant | Andariel | 2024-07-26 | 2024-10-31 |
| Andariel | FSI | - | 2017-07-27 | 2025-01-24 |
| Clasiopa | Symantec | Andariel | 2023-02-23 | 2023-02-23 |
| G0138 | MITRE | Andariel | 2021-09-29 | 2021-09-29 |
| Hive0079 | IBM | Andariel | - | - |
| JumpyPisces | PaloaltoNetworks | Andariel | 2024-06-28 | 2024-10-30 |
| NickelHyatt | SecureWorks | Andariel | - | 2024-10-08 |
| Plutonium | Microsoft | Andariel | 2022-11-07 | 2022-11-07 |
| RedLight | KRCERT | Andariel | - | - |
| SectorA04 | NSHC | Andariel | 2020-03-12 | 2025-01-17 |
| SilentChollima | CrowdStrike | Andariel | 2014-04-21 | 2024-12-13 |
| Stonefly | Symantec | Andariel | 2022-04-27 | 2024-10-02 |
| TA430 | Proofpoint | Andariel | 2024-01-01 | 2024-01-01 |
| UNC4131 | Mandiant | Andariel | 2023-04-18 | 2023-04-18 |
| UNC4369 | Mandiant | Andariel | 2023-04-18 | 2023-04-18 |
| UNC614 | Mandiant | Andariel | 2023-02-16 | 2023-10-10 |