
APT45: North Korea’s Digital Military Machine

2024-07-25, Mandiant
https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machine/
#APT45 #SHATTEREDGLASS #Maui #KKNPP

Written by: Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, Michael Barnhart
Executive Summary
- APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009.
- APT45 has gradually expanded into financially-motivated operations, and the group’s suspected development and deployment of ransomware sets it apart from other North Korean operators.
- APT45 and activity clusters suspected of being linked to the group are strongly associated with a distinct genealogy of malware families separate from peer North Korean operators like TEMP.Hermit and APT43.
- Among the groups assessed to operate from the Democratic People's Republic of Korea (DPRK), APT45 has been the most frequently observed targeting critical infrastructure.
Overview
Mandiant assesses with high confidence that APT45 is a moderately sophisticated cyber operator that supports the interests of the DPRK. Since at least 2009, APT45 has carried out a range of cyber operations aligned …