Everyday is lazarus.dayβ


2014-04-21, CrowdStrike
The Art of Attribution: Identifying and Pursuing your Cyber Adversaries
"SILENT CHOLLIMA is a Democratic People’s Republic of Korea (DPRK) adversary that has been active since at least 2009 and likely operates in support of Bureau 121 of the DPRK’s Reconnaissance General Bureau (RGB). Early operations demonstrated both destructive and espionage components; however, SILENT CHOLLIMA’s mission appears to have changed in 2015 following a significant reorganization of the D..."

- CrowdStrike,

Also known as

Name Named by AKA First seen Last seen
Andariel FSI - 2017-07-27 2024-02-27
G0138 MITRE Andariel 2021-09-29 2021-09-29
Hive0079 IBM Andariel - -
NickelHyatt SecureWorks Andariel - -
Plutonium Microsoft Andariel 2022-11-07 2022-11-07
RedLight KRCERT Andariel - -
SilentChollima CrowdStrike Andariel 2014-04-21 2021-11-29
Stonefly Symantec Andariel 2022-04-27 2022-04-27
TA430 Proofpoint Andariel 2024-01-01 2024-01-01
UNC4131 Mandiant Andariel 2023-04-18 2023-04-18
UNC4369 Mandiant Andariel 2023-04-18 2023-04-18
UNC614 Mandiant Andariel 2023-02-16 2023-10-10