Response to CISA Advisory (AA24-207A)

2024-07-26, AttackIQ
https://www.attackiq.com/2024/07/26/response-to-cisa-advisory-aa24-207a/
#Andariel

Contents

On July 25, 2024, the United States Federal Bureau of Investigation (FBI), the Cyber National Mission Force (CNMF), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Defense Cyber Crime Center (DC3), the National Security Agency (NSA), the Republic of Korea’s National Intelligence Service (NIS), the Republic of Korea’s National Police Agency (NPA), and the United Kingdom’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory (CSA) that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju.
Andariel, also known as Onyx Sleet, DarkSeoul, Silent Chollima, and Stonefly/Clasiopa, is a North Korean state-sponsored adversary that has been active since at least 2009. The adversary, a subgroup of the notorious Lazarus group, is suspected to be operating in support of the DPRK’s RGB 3rd Bureau.
Andariel is focused on collecting intelligence on government and military entities following …